Managing Git PATs
As a user in Codefresh, you must authorize access to your Git provider accounts, and authenticate Git-based actions from Codefresh clients, per provisioned runtime.
The authorization method depends on the Git provider and on what authorization has been set up by your account admin.
- If your admin has set up authentication with OAuth2, you can authorize access using OAuth2.
- You can always generate a personal access token from your Git provider and then add the same to Codefresh to authorize access.
If you have access to more than one runtime, you can use the same token for multiple runtimes.
You must however authorize access individually for each runtime.
Authorize Git access in Codefresh
Authorize Git access with OAuth2 if your account admin has set up Codefresh as an OAuth application, or alternatively through personal access tokens from your Git provider.
Notes:
For OAuth2: The adminstrator pre-configures the permissions and expiry date. Once you supply your credentials for authorization, you are automatically directed to the Git Personal Tokens page.
Before you begin
Make sure you have:
- For Bitbucket only, your Bitbucket account username
- If needed, a personal access token from your Git provider with the required scopes:
How to
- In the Codefresh UI, on the toolbar, click your avatar, and then select Git Personal Access Token.
- Select the runtime, and then do one of the following:
- To add a token, select Add Token.
- To update an existing token by replacing it with a new token, select Update Token.
- For OAuth2:
If the application is not registered, the button is disabled. Contact your admin for help.
- Click Authorize Access to GitHub.
- Enter your credentials, and select Sign In.
- Complete the verification if required, as when two-factor authentication is configured, for example.
For Git personal access tokens:
- Expand Advanced authorization options.
- For Bitbucket, enter your Bitbucket username.
- In the Personal Access Token field, paste the token you generated.
- Click Add Token.
In the Git Personal Access Tokens list, you can see that the new token is assigned to the runtime.
Generate GitHub personal access tokens
- Log in to your GitHub or GitHub Enterprise account.
- Select Settings > Developer Settings > Personal Access Tokens > Tokens (classic).
- Define the following:
- Token name
- Expiration date
- Select scope:
repo
- Copy the personal access token generated as you will need it to authorize access.
Generate GitLab personal access tokens
- Log in to your GitLab Cloud or Server account.
- Select User settings > Access tokens.
- Define the following:
- Token name
- Expiration date
- Select these scopes:
read_api
,read_repository
,write_repository
- Copy the personal access token generated as you will need it to authorize access.
Generate Bitbucket personal access tokens
- Log in to your Bitbucket Cloud or Server account.
- Select Personal Settings > App passwords.
- Define the Label.
Select these scopes:
- Permissions:
Read
- Workspace membership:
Read
- Repositories:
Write
- Permissions:
- Copy the personal access token generated as you will need it to authorize access.