gitlab - Push to a repository using access_token

Question

I implemented the oauth2 web flow in order to get access_token from users of my app. With the access_token, I would like to do the following actions:

Get user informations
Create a repo for this user
Push code to this repo (using git push )

I already successfully get the user information(1) and create a repo(2)

The problem is I can't push code (3), I got "Unauthorized" error.

The command I run:

git remote add origin https://gitlab-ci-token<mytoken>@gitlab.com/myuser/myrepo.git  
git push origin master

score 110 · Accepted Answer · edited Sep 09 '20 at 16:21

110

You should do

git remote add origin https://<access-token-name>:<access-token>@gitlab.com/myuser/myrepo.git

Note that this stores the access token as plain text in the .git\config file. To avoid this you can use the git credential system, providing the access token name for "username" and the access token for "password". This should store the credentials in the git credential system in a more secure way.

edited Sep 09 '20 at 16:21

Steven C. Howell

16,902
15
72
97

answered Aug 29 '18 at 09:36

Dave Reikher

1,645
1
16
15

1

this does work, and I found the answer via https://docs.gitlab.com/ee/user/profile/personal_access_tokens.html#comment-3965542554 – fbstj Aug 30 '18 at 12:46
Hello What is the difference with the above? – captainblack Apr 03 '19 at 11:56
gitlab-ci-token: schema is supposed to use a token generated by Gitlab CI which is hidden, it's even masked in Gitlab CI logs when attempt to print out the env variable it's stored in, but the limtation is it's applicable only to the repo where the Gitlab CI pipeline was started on (perhaps internal, public or group repos, not sure there were changes to permission model since). oauth2: schema is supposed to use Gitlab user's personal access token and the permissions can be set using Members. – Bojan Markovic Sep 16 '19 at 09:45
4

If gitlab says `git remote add origin git@gitlab.bigcorp.dev:foo/bar/myrepo.git` you should do (watch missed `:` ) : `git remote add origin "https://oauth2:XXXXXXXXX@gitlab.bigcorp.dev/foo/bar/myrepo.git"` – banderlog013 Jun 12 '20 at 14:23
1

And what is ? – George Vinokhodov Nov 26 '20 at 14:24
I used this approach but it didn't help me. – Ankit Virani Jul 02 '21 at 10:15
Worked like a charm for my objective. – dchayka Jan 03 '22 at 22:55
error: failed to push some refs to – Ravi Soni May 12 '22 at 14:27
1

@George `access-token-name` is the name of the token that you generated in gitlab. The < and > in the above example should be excluded, the same goes for `access-token` value. – Jordi Jun 08 '22 at 16:01

Akif · Answer 2 · 2019-08-23T10:45:21.163

45

It is also possible to push directly without adding a new remote repository:

git push https://gitlab-ci-token:<access_token>@gitlab.com/myuser/myrepo.git <branch_name>

This could be especially handy if you would like pull & push to different repositories.

edited Aug 23 '19 at 10:45

answered Aug 23 '19 at 10:16

Akif

6,018
3
41
44

Shouldn't you be hiding your private access token? – Nick K9 Jan 30 '20 at 18:46

score 10 · Answer 3 · answered Sep 23 '22 at 13:35

10

You can also use git remote set-url. After creating your access token, do:

git remote set-url origin https://gitlab-ci-token:${ACCESS_TOKEN}@gitlab.com/<group>/<repo-name>.git

answered Sep 23 '22 at 13:35

vvvvv

25,404
19
49
81

score 1 · Answer 4 · answered Jan 27 '23 at 06:20

1

I placed the following into my ~/.gitconfig:

[credential "https://gitlab.com"]
    username = <insertusername>
    helper = "!f() { echo "username=<insertusername>"; echo "password=$GITLAB_PERSONAL_ACCESS_TOKEN"; };f"

answered Jan 27 '23 at 06:20

Ben Creasy

3,825
4
40
50

score -4 · Answer 5 · answered Aug 30 '18 at 10:56

-4

Push using gitlab-ci-token is not currently supported by Gitlab. There is an open feature request.

answered Aug 30 '18 at 10:56

Nicolas Pepinster

5,413
2
30
48

5

You worded it as if it is not possible at all. For the record, git push is possible but by creating personal token and setting origin URL with it hardcoded. This bears security risks as thoroughly discussed in the feature request link you shared in the answer, for which I'd recommend to hide CI from public on GitLab, even on open source repos. For the record that feature request is about doing it "internally" (non-GitLab CI's could equally push using aforementioned tokens) and with granular rights. That's what it was about. – revelt Mar 10 '19 at 19:22
@nicolas, if you want more points, you can probably delete your answer. ;-) – blamb Jul 18 '23 at 15:52

gitlab - Push to a repository using access_token

5 Answers5

Linked