How to remove Github PAT from Gitlab? - github

I recently imported a project from Github to Gitlab (Uni Owned) and I had to put my Github PAT in when importing. Now every-time I select New Project -> Import Project From Github I'm immediately taken to the list of projects on the Github account corresponding to the PAT I put in earlier.
Is there a way I can remove the Github PAT I initially put in so I'm taken to the "Provide your Github PAT" screen instead?
Thanks!

According to the documentation,
To use a newer personal access token in imports [...], sign out of your GitLab account and sign in again, or revoke the older personal access token in GitHub.

Related

How to create PAT token in github for an Organization Account

I have been added to my organization, now I am part of the organization in github and have access to a private repo. I am not able to clone the repo in my eclipse as I understood that we need a PAT token to access a private repo, but how do I create PAT for the organization. However I know how to create PAT for my own account, but only if I have PAT token for my organization I can clone the repo in my local.
PAT token allows you also access to all the organization you have access to. But it seem some clients only show personal project. In Xcode I was able to work around this by pasting the repo URL into the search field.

Can Gitlab expose build and coverage badges to anonymous users?

We are hosting some repository on GitHub, some other on GitLab.
Sometimes, the package is published but not the source code.
We always display build status and code coverage in README.md.
Is there a way to have build and coverage badge on GitLab always accessible to anonymous?
Since release 11.4.8 of Gitlab it's not possible to expose project's Badges through a Personnal Access Token anymore. Because of the change "
Restrict Personal Access Tokens to API scope on web requests."
The commit that removed this "workaround" was published as a security fix
An ongoing issue is currently being discussed to find another solution. Let's see how it goes.
That was followed by issue 13324
It includes:
FYI, I have a workaround for this using the GitLab API.
It assumes you have created a token in GitLab for a user (Note: That "user" needn't necessarily be Human - my use case is to display a badge on a dashboard hosted on a different VM).
<img src="https://<gitlab-uri>/<namespace>/<project>/badges/<branch>/build.svg?private_token=<token>
Update Dec. 2018: This is no loger possible through a token (see Paul B.'s answer).
This is because of "Improper Enforcement of Token Scope":
The GitLab web interface was vulnerable to an authorization issue that allowed access to the web-UI as a user using their Personal Access Token (PAT) of any scope.
The issue is now mitigated in the latest release and is assigned CVE-2018-19569.
But...:
Updated: 2018-11-28: We have received reports that this change has impacted how repo files and job artifacts are downloaded for some users.
For instructions on how to do so through the API, please see our support issue.
And you also have a current workaround which repeats the API access:
It is possible to add the project avatar to the project repository with a particular filename (logo) and then this file will be used for the avatar. There is an example here:
https://gitlab.com/issue-reproduce/project-avatar-repo
You'll be able to retrieve the files through the Repository Files API:
https://docs.gitlab.com/ee/api/repository_files.html#get-file-from-repository
Example:
https://gitlab.com/api/v4/projects/issue-reproduce%2Fproject-avatar-repo/repository/files/logo.png?ref=master

Authentication failed importing VSTS Git repo into BitBucket

I'm attempting to move my Git repo from VisualStudio.com (VSTS) to BitBucket, and I'm working through the BitBucket UI and choosing to import the repo. I've supplied the repo url in the following format:
https://MYCOMPANY.visualstudio.com/DefaultCollection/_git/MYREPO
And I supply my VisualStudio.com login credentials in the fields below, but I'm getting an authentication error as per the screenshot. Any ideas on what to do?
Use a personal authentication token. Provide the PAT as your username and leave the password blank.

Jenkins giving Permission denied (publickey) on adding github repo

I am using Jenkins Github plugin and was using public/private key for one repo, which was working alright. But I got problem when I added another repo, because github doesn't allow sharing public key across multiple repos.
So i integrated jenkins using github token (in Jenkins > manage > configure system and service in github) and removed private/public keys in jenkins server and github. Now when I add repo, I get Permission denied (publickey) error (image attached)
How do i integrate multiple github repos with my jenkins server?
Found the problem. There is key attached to account of user who's token was added to jenkins. My assumption was it should not have mattered as token was added. But that's not correct.
Added private keys of user who's token was used, in jenkins server and everything returns to normal
Got hint from Authenticate Jenkins CI for Github private repository

How to give the push access to github repo without giving the github account credentials?

I wrote the tool which use the one github repo as a cloud storage.
I need to give the write (push) access for this tool to one github repo, but I do not want to use the github user credentials (user name and password), because anyone can use it to logon to github and change the credentials or delete the repo.
You can generate an OAuth authorization for your specific app.
See an example here: it supposed you have registered you app in your account.