I am trying to authenticate with GitHub using a personal access token. In the help files at github, it states to use the cURL method to authenticate (https://help.github.com/articles/creating-an-access-token-for-command-line-use). I have tried this, but I still cannot push to GitHub. Please note, I am trying to push from an unauthenticated server (Travis-CI).
cd $HOME
git config --global user.email "emailaddress@yahoo.com"
git config --global user.name "username"
curl -u "username:<MYTOKEN>" https://github.com/username/ol3-1.git
git clone --branch=gh-pages https://github.com/username/ol3-1.git gh-pages
cd gh-pages
mkdir buildtest
cd buildtest
touch asdf.asdf
git add -f .
git commit -m "Travis build $TRAVIS_BUILD_NUMBER pushed to gh-pages"
git push -fq origin gh-pages
This code causes the errors:
remote: Anonymous access to scuzzlebuzzle/ol3-1.git denied.
fatal: Authentication failed for 'https://github.com/scuzzlebuzzle/ol3-1.git/'"
Your curl command is entirely wrong. You should be using the following
curl -H 'Authorization: token <MYTOKEN>' ...
That aside, that doesn't authorize your computer to clone the repository if in fact it is private. (Taking a look, however, indicates that it is not.) What you would normally do is the following:
git clone https://scuzzlebuzzle:<MYTOKEN>@github.com/scuzzlebuzzle/ol3-1.git --branch=gh-pages gh-pages
That will add your credentials to the remote created when cloning the repository. Unfortunately, however, you have no control over how Travis clones your repository, so you have to edit the remote like so.
# After cloning
cd gh-pages
git remote rm origin
git remote add origin https://scuzzlebuzzle:<MYTOKEN>@github.com/scuzzlebuzzle/ol3-1.git
That will fix your project to use a remote with credentials built in.
To avoid handing over "the keys to the castle"...
Note that sigmavirus24's response requires you to give Travis a token with fairly wide permissions -- since GitHub only offers tokens with wide scopes like "write all my public repos" or "write all my private repos".
If you want to tighten down access (with a bit more work!) you can use GitHub deployment keys combined with Travis encrypted yaml fields.
Here's a sketch of how the technique works...
First generate an RSA deploy key (via ssh-keygen) called my_key and add it as a deploy key in your github repo settings.
Then...
$ password=`openssl rand -hex 32`
$ cat my_key | openssl aes-256-cbc -k "$password" -a > my_key.enc
$ travis encrypt --add password=$password -r my-github-user/my-repo
Then use the $password file to decrypt your deploy key at integration-time, by adding to your yaml file:
before_script:
- openssl aes-256-cbc -k "$password" -d -a -in my_key.enc -out my_deploy_key
- echo -e "Host github.com\n IdentityFile /path/to/my_deploy_key" > ~/.ssh/config
- echo "github.com ssh-rsa AAAAB3NzaC1yc2EAAAABIwAAAQEAq2A7hRGmdnm9tUDbO9IDSwBK6TbQa+PXYPCPy6rbTrTtw7PHkccKrpp0yVhp5HdEIcKr6pLlVDBfOLX9QUsyCOV0wzfjIJNlGEYsdlLJizHhbn2mUjvSAHQqZETYP81eFzLQNnPHt4EVVUh7VfDESU84KezmD5QlWpXLmvU31/yMf+Se8xhHTvKSCZIFImWwoG6mbUoWf9nzpIoaSjB+weqqUUmpaaasXVal72J+UX2B+2RPW3RcT0eOzQgqlJL3RKrTJvdsjE3JEAvGq3lGHSZXy28G3skua2SmVi/w4yCE6gbODqnTWlg7+wC604ydGXA8VJiS5ap43JXiUFFAaQ==" > ~/.ssh/known_hosts
Note: the last line pre-populates github's RSA key, which avoids the need for manually accepting at the time of a connection.
First, you need to create a personal access token (PAT). This is described here: https://help.github.com/articles/creating-an-access-token-for-command-line-use/
Laughably, the article tells you how to create it, but gives absolutely no clue what to do with it. After about an hour of trawling documentation and Stack Overflow, I finally found the answer:
$ git clone https://github.com/user-or-organisation/myrepo.git
Username: <my-username>
Password: <my-personal-access-token>
I was actually forced to enable two-factor authentication by company policy while I was working remotely and still had local changes, so in fact it was not clone I needed, but push. I read in lots of places that I needed to delete and recreate the remote, but in fact my normal push command worked exactly the same as the clone above, and the remote did not change:
$ git push https://github.com/user-or-organisation/myrepo.git
Username: <my-username>
Password: <my-personal-access-token>
(@YMHuang put me on the right track with the documentation link.)
Automation / Git automation with OAuth tokens
$ git clone https://github.com/username/repo.git
Username: your_token
Password:
It also works in the git push command.
Reference: https://help.github.com/articles/git-automation-with-oauth-tokens/
This worked for me using ssh:
Settings → Developer settings → Generate new token.
git remote rm origin
git remote add origin https://[APPLICATION]:[NEW TOKEN]@github.com/[ORGANISATION]/[REPO].git
By having struggling so many hours on applying GitHub token finally it works as below:
$ cf_export GITHUB_TOKEN=$(codefresh get context github --decrypt -o yaml | yq -y .spec.data.auth.password)
- code follows Codefresh guidance on cloning a repo using token (freestyle}
- test carried: sed
%d%H%Mon match word'-123456-whatever' - push back to the repo (which is private repo)
- triggered by DockerHub webhooks
Following is the complete code:
version: '1.0'
steps:
get_git_token:
title: Reading Github token
image: codefresh/cli
commands:
- cf_export GITHUB_TOKEN=$(codefresh get context github --decrypt -o yaml | yq -y .spec.data.auth.password)
main_clone:
title: Updating the repo
image: alpine/git:latest
commands:
- git clone https://chetabahana:$GITHUB_TOKEN@github.com/chetabahana/compose.git
- cd compose && git remote rm origin
- git config --global user.name "chetabahana"
- git config --global user.email "chetabahana@gmail.com"
- git remote add origin https://chetabahana:$GITHUB_TOKEN@github.com/chetabahana/compose.git
- sed -i "s/-[0-9]\{1,\}-\([a-zA-Z0-9_]*\)'/-`date +%d%H%M`-whatever'/g" cloudbuild.yaml
- git status && git add . && git commit -m "fresh commit" && git push -u origin master
Output...
On branch master
Changes not staged for commit:
(use "git add ..." to update what will be committed)
(use "git checkout -- ..." to discard changes in working directory)
modified: cloudbuild.yaml
no changes added to commit (use "git add" and/or "git commit -a")
[master dbab20f] fresh commit
1 file changed, 1 insertion(+), 1 deletion(-)
Enumerating objects: 5, done.
Counting objects: 20% (1/5) ... Counting objects: 100% (5/5), done.
Delta compression using up to 4 threads
Compressing objects: 33% (1/3) ... Writing objects: 100% (3/3), 283 bytes | 283.00 KiB/s, done.
Total 3 (delta 2), reused 0 (delta 0)
remote: Resolving deltas: 0% (0/2) ... (2/2), completed with 2 local objects.
To https://github.com/chetabahana/compose.git
bbb6d2f..dbab20f master -> master
Branch 'master' set up to track remote branch 'master' from 'origin'.
Reading environment variable exporting file contents.
Successfully ran freestyle step: Cloning the repo
来源:https://stackoverflow.com/questions/18935539/authenticate-with-github-using-a-token