Using external git-lfs server in gitlab-ci on a windows gitlab runner?

Question

I am trying to use an external git-lfs server for a job running on a windows gitlab runner (which is under my control). The git-lfs server used offers only HTTPS authentication (SSH is not an option). For security reasons, I don't want to commit my credentials into the file .lfsconfig.

For Linux, I found this answer and adapted it for my purpose:

git config --global credential.mydomain.helper '!f() { echo "username=${GIT_LFS_USER}"; echo "password=${GIT_LFS_PASSWORD}"; }; f'

I tried to configure this on the windows gitlab-runner used (pre_clone_script option in config.toml), however I didn't manage to get it to work (I am getting authorization denied from the lfs server) and I am not sure this can work, because as far as I understand on Windows git uses Windows Credential Manager per default.

How can I provide the credentials of an external git-lfs server to run a gitlab-ci job on a Windows gitlab-runner?

score 1 · Accepted Answer · answered Dec 23 '20 at 11:37

I managed to make it work using this syntax in the configuration file config.toml of the windows gitlab runner (replace myusername, myurl, and mypassword with real strings):

pre_clone_script="""git config --global credential.https://myurl.com.username "myusername"
git config --global "credential.https://myurl.com.helper" '!f() { echo password="mypassword"; }; f'
  """

To make it even cleaner, it's possible to use pre_clone_script="Invoke-Command $CI_PRE_CLONE_SCRIPT" and to define CI_PRE_CLONE_SCRIPT in each gitlab's project configuration.

Using external git-lfs server in gitlab-ci on a windows gitlab runner?

1 Answers1