Migrating to Access Tokens for a Git repository and registry using Gitlab
We have a specific deployment that needs to be able to pull the source code from a repository.
To do this, the first developer created a user and that "user" was being used. As GitLab increased their pricing, there's no reason to have a build user there. So it's time to migrate from the fake user to an access token.
Git repository
I went to the project that the system needed to pull the code for, and added an access token. project settings->access tokens and I selected read_repository and read_registry scopes. The system needs to pull the latest code to get the latest script to run the images and needs to pull the images as well.
I removed the user and no using git returns this error:
$ git fetch
...
fatal: Could not read from remote repository.
To modify it to use the new access token in the repo
$ cd <path to repo>
$ cd .git
$ vi config
and update the url of the remote origin:
[remote "origin"]
url = https://oauth2:<access_token>@gitlab.com/<GroupName>/<projectName>.git
fetch = +refs/heads/*:refs/remotes/origin/*
Now it will work to fetch the git repo:
$ git fetch
remote: Enumerating objects: 528, done.
remote: Counting objects: 100% (468/468), done.
remote: Compressing objects: 100% (441/441), done.
remote: Total 528 (delta 267), reused 24 (delta 24), pack-reused 60
Receiving objects: 100% (528/528), 322.46 KiB | 0 bytes/s, done.
Resolving deltas: 100% (292/292), completed with 8 local objects.
Docker registry
This one was fairly simple:
$ docker login registry.gitlab.com -u gitlab-ci-token -p <access_token>
Succeeded
They don't do a good job at documenting that the username is gitlab-ci-token