I would like to create a webhook within Gitlab to automatically update a mirror repository on Github, whenever a push event happens. I've checked this page, but I didn't understand how it is done.
My Gitlab version is 6.5. Here is the configuration page:
What should I put in URL? Where do I need to place the script to update the repository?
You don't need a webhook for that. A regular post-receive hook will work very well.
To create and use such a hook you just have to login on the server where your gitlab is installed and create an ssh key for git user.
sudo -u git ssh-keygen -f /home/git/.ssh/reponame_key
(do not type any passphrase when prompted)
Go to your github account and add the public key (it's been created as /home/git/ssh/reponame_key.pub) to your project as a deploy key.
have a look at https://help.github.com/articles/managing-deploy-keys if you need help with that.
Once that is done, you just have to configure the connection between your git server and github's:
add an alias to git user's ssh configuration (add following lines to /home/git/.ssh/config - create it if it's not present)
Host reponame
IdentityFile /home/git/.ssh/reponame_key
HostName github.com
User git
Now add the new remote (using the alias you just created) to your repository:
cd /home/git/repositories/namespace/reponame.git
git remote add --mirror github reponame:youruser/reponame.git
Now that everything is in place you'll have to create the actual hook:
cd /home/git/repositories/namespace/reponame.git/hooks
echo "exec git push --quiet github &" >> post-receive
chmod 755 post-receive
The lastcommand is very important because git will check if a hook is executable before running it.
That's it!
(Replace reponame, namespace and youruser according to your real accounts and enjoy).
Last note: if you want your name andavatar near commits on github, make sure that the email address you are using on gitlab is one of the addresses inked to your github account as well. You'll see your gitlab username otherwise.
If you aren't hosting your own GitLab, GitLab.com has introduced this feature directly, without any workarounds.
From within a project use the gear icon to select Mirror Repository
Scroll down to Push to a remote repository
Checkmark Remote mirror repository: Automatically update the remote mirror's branches, tags, and commits from this repository every hour.
Enter the repository you want to update; for GitHub you can include your username and password in the URL, like so: https://yourgithubusername:yourgithubpassword#github.com/agaric/guts_discuss_resource.git —as noted in the comments, it is much better securitywise to use your GitHub access token here instead of login credentials; will update the answer when i've tested.
For WebHooks processing I'm using sinatra web server.
require 'sinatra'
post '/pew' do
puts JSON.parse request.body.read
# here can be placed signal code to run commit processing script
end
register webhook for push events(or other) to http://localhost:4567/pew within GitLab
and since this moment on each commit gitlab will be sending commit info to url.
Related
I've set up an account on github. I've uploaded my ssh public key.
On github I've created a new empty repo.
In my local environment I've set up git to manage a project. Now I'd like to push the project to github.
When I do 'git push -u origin main', I am asked for my username and password.
The first time I did this I received a message that directed me to the use of tokens. So I created a token. However, now I have to input my token ever time I push to github.
Up until recently I was able to push without entering a password/token thanks to the use of ssh keys. Is it possible to still use this?
If so, how do I get it working?
You can configure username and password by default and it wont ask you again and again, but make sure the username has access to that repository.
I received an email from GitHub stating:
You recently used a password to access the repository at username/repo with git using git/2.24.3 (Apple Git-128).
Basic authentication using a password to Git is deprecated and will soon no longer work. Visit https://github.blog/2020-12-15-token-authentication-requirements-for-git-operations/ for more information around suggested workarounds and removal dates.
So I'll need to use another method for standard command line for git commits pushed to GitHub, which shouldn't be a problem.
But I wonder does this affect deploy keys? For example, in automated processes that have been running for some months or years - should we prepare for changes?
I have checked the blog post, and note that there's still plenty of time (deprecation happens 13 August 2021), but it will be important to understand any affect on deploy keys in order to prepare.
No, deploy keys are unaffected. The only thing that's affected is using a password to authenticate to Git or Git LFS over HTTPS. If you use a personal access token or OAuth token over HTTPS or you use SSH at all (whether with a personal or deploy key), those are unaffected.
The reason for this change is because knowing an account's password allows you to log into that account, change the password, and configure virtually every setting. On the other hand, a token does not allow you to log in via the web interface and is typically restricted to a limited set of scopes, and it is pseudorandomly generated. Similarly, SSH keys are also restricted in their access and are not easily guessable.
As a result, the consequences of accidentally exposing your authentication credentials are lower and the set of credentials you replace it with is unlikely to be guessable from the old exposure.
You can change from https:// remote urls to git# urls (e.g. ssh)
git remote -v # check that your remote (e.g. origin) is using https://
git remote rm origin
git remote add origin git#github.com:ORGANIZATION_OR_USER/REPO_NAME.git
git fetch --all
git branch -u origin/master master
And then you can test it:
git pull
git commit --allow-empty -m "nothing"
git push
This one is rather complicated to describe. I have two github accounts, I will refer to them as github A and B.
I had created a local repo X and tried to connect it to a new remote repo I created on github account A. However, my default github login credetials were set for my github account B. I went through this tutorial and was able to add a second key created in my .ssh to allow me access to acct. A at will. This method worked and allowed me to add the new remote repo on github account A to my local repo X. I could then push origin to master just fine.
I then made a clone of the same repo X on github account A and placed it in a new local location (same drive, different folder) which I will refer to as local repo Y. I then tried to push changes to the same remote repo on github A and it denies me saying I'm trying to access using my username for my remote github B account.
I tried re-adding the remote url via the same special .ssh key previously created for repo X and use it for the local repo Y but it says it already exists.
I'm looking for a simple solution here, hopefully one exists. I would appreciate your help on this.
You can test what actual key is used with:
ssh -Tv <yourSSHConfigEntry>
Make sure to use an ssh URL like yourSSHConfigEntry:/ (no need to prefix it with git#: the User should be in your ~/.ssh/config file)
The idea is: your SSH config file should use the right private key, whose public key has been registered to the right GitHub account.
Check the remote URL: git remote -v. If it starts with git#github.com, it won't use the ssh config entry.
Type:
git remote set-url origin <my-github-acct-A>:<user>/<repo>
That will use the SSH config entry, and make sure the User in it is "git".
I'm pretty sure the issues you're running into are a result of managing multiple accounts on the same computer, regardless of the repos being duplicates.
If you haven't already, I'd suggest you take a look at the very detailed answers provided here.
I have been through this trouble many times and have resolved it by setting the ssh config rules or by enforcing the ssh-agent to have the correct ssh key alone.
I have documented the entire process and Freecodecamp published the article.
Here's the link! Hope this will help whenever you come across this use case. :)
In order for Jenkins to be able to have access to multiple repositories on the same server, I set the .ssh/config as follow:
Host a.github.com
HostName github.com
User git
IdentityFile ~/.ssh/project-a-id_rsa
# same for other repos
and set the Jenkins jobs' Source Code Management (SCM), to git and git#a.github.com:user/repo_a.git. It works fine.
Problem
I want those jobs to be triggered on push events so I set a webhook service in github, .i.e, Jenkins (GitHub plugin). The request received from the webhook are "POST for https://github.com/user/repo_a" which is a different host than the one set in the SCM, .i.e, a.github.com.
Because they are different, the job does not build automatically.
Ugly Solution
I got something running by setting the SCM to github.com and override the remote url of the project's git config once cloned with a.github.com. So the SCM would match the webhook, and jenkins when running git push would use the .ssh/config info.
Question
What else can I do ? Is there a better, easily automated way to achieve this?
I stopped using the deploy key and added my own account credentials on jenkins to be able to deal with all repositories without having to change the host with .ssh/config.
We recently moved our github from one account owner to another, and now all of the sudden when I do a git pull or any git command on the remote repo, it asks me for github username and password.
My git-config says:
[github]
user = kamilski81
token = *********
Any idea how I can stop it asking me for credentials and remember everything, does the new owner have to setup my ssh keys or something of that sort?
Following this article sorted it out for me:
https://help.github.com/articles/why-is-git-always-asking-for-my-password
git remote set-url origin git#github.com:user/repo.git
The github username and token in the gitconfig is only used for interactions with the GitHub API (for instance the hub gem and the github tool).
If you are pushing and pulling from a GitHub repository over https, then you need to specify your credentials every time, or hook into a password manager to remember the credentials for you. How to do this depends on your platform.
The easiest thing to do is to go to your github account and submit your SSH public key to your account, and then switch your github remote to push/pull over ssh instead of https.
[edit] After re-reading the question I noticed that you mentioned it was previously a GitHub repo that was just moved from one owner to another. If that's the case, and you ARE able to push and pull by specifying your credentials, it sounds to me to be one of two scenarios:
The previous remote used ssh, and GitHub has your SSH key; but when the owner changed and you updated the remote, you updated it to go over https.
The previous remote used https, but you had a password manager setup correctly to deal with your credentials, which no longer works.
After doing "remote -v"....the issue was that my remote was using an "https" remote rather than "git" remote. Changing the remote to use git rather than https solved everything.
If you execute only once git pull and Git client still asking you the credential without do the git pull for you, the problem should be because your credential is incorrect or not setup yet.
but if you get the dialog ask for credential one for each operation, it mean that your credential isn't remembered. To do that, you may use Pageant to store your SSH private key, so, everytime you do something, it will retrieve your credential from Pageant instead to asking you.