A minimal git-credential
helper for https repository access via GitHub
apps,
providing an alternative to deploy keys, machine users, and oauth access
tokens in
automated environments.
-
Create a GitHub App and install the application for your account or organization. Ensure that the app has, at least, read-only access to "Repository contents" and generate a private key for the application.
-
Install
git-credential-github-app-auth
in the integration environment.
pip install git+https://github.com/uw-ipd/git-credential-github-app-auth
- Add
github-app-auth
as a git-credential helper and ensure thatcredential.UseHttpPath
is set. The app id and private key may be provided as helper arguments or via theGITHUB_APP_AUTH_ID
andGITHUB_APP_AUTH_KEY
environment variables.
git config --global credential.helper github-app-auth --app_id <your_app_id> --private_key <path/to/private-key.pem>
git config --global credential.UseHttpPath true
or
git config --global credential.helper github-app-auth
git config --global credential.UseHttpPath true
export GITHUB_APP_AUTH_ID=<your_app_id>
export GITHUB_APP_AUTH_KEY=<path/to/private-key.pem>
The credential helper will provide https
access credentials for
repositories with valid app installations. The helper configuration can be
verified via git-credential-github-app-auth -vv [current|token]
and/or:
GITHUB_APP_AUTH_DEBUG=2 git credential fill<<URL
url=https://github.com/<org>/<repo>
URL