git-mirror
git-mirror copied to clipboard
bachp
Problem with enabled 2FA on local GitLab instance
Hi there,
I've problems with (I guess) 2FA enabled accounts. The following error message occures while trying to push:
ERROR - Unable to sync repo https://github.com/TYPO3/TYPO3.CMS.git -> https://git.custom-domain.tld/mirror-test/TYPO3.CMS.git (Command "git" "push" "--mirror" "https://git.custom-domain.tld/mirror-test/TYPO3.CMS.git" failed with exit code: 128, Stderr: fatal: could not read Username for 'https://git.custom-domain.tld': terminal prompts disabled
Maybe the reason is the slightly different username/password handling with enabled 2FA?
I'm using the docker image.
Currently to only way to push to HTTPS is to include the credentials in the URL:
git-mirror -u https://user:[email protected]/
I haven't tried this tough. Let me know if this works.
This does not work, since this is only used for fetching the repositories inside the group. As far as I can see the URL for pushing is fetched via the GitLab API.
For now I will add .gitconfig and a .git-credential file with the required information.
If you get it working it would be nice if you could write a quick howto that can be included in the README.
Hi @bachp ,
there are two things I had to do
- Enable saving of git credentials via
git config credential.helper store - Save the credentials to the
.git-credentialsfilehttps://user:[email protected]where the password is the access token
So as far as I can see to make git-mirror working with GitLab 2FA enabled the docker image must respect two new Environment variables
- one two tell that 2FA is enabled
- if 2FA is enabled a username must be provided
With this Information it should be possible to make everything working even if 2FA with http only access.
Markus
I need to give it some more tought how this could be improved.
One idea would be to set GIT_ASKPASS and write a small helper that provides the credentials to git from config or environment variables.