Failing to git push with project access token


I have some automated job which regularly pushes commits using a personal access token, like this:

git push https://myusername:${PERSONAL_ACCESS_TOKEN}

It works.

However, because my own personal token is used, the pushed commits are reported as coming from me.
I would prefer them to come from a bot user.
I tried to use the new project access tokens

I went to mygroup/myproject settings and created a project access token with write_repository scope.
Alas, the git push fails:

$ git push https://myusername:${PROJECT_ACCESS_TOKEN}
remote: HTTP Basic: Access denied
fatal: Authentication failed for ''

Shouldn’t this work?
The doc explicitly mentions using the token for API access, but not for git access (But what would be the purpose of the write_repository scope without a git access ?).
I’m using gitlab 13.3.1-ee.

I am not sure, but have you tried with git push https://project_{project_id}_bot:${PROJECT_ACCESS_TOKEN} Using project_{project_id}_bot instead of myusername?

1 Like

Thank you for your help

have you tried with git push https://project_{project_id}_bot:${PROJECT_ACCESS_TOKEN}

I just tried, using the bot username I could find at
(because I made several attempts, the format is project_{project_id}_bot{bot_number}).

It did not work.

This was expected: AFAIK the username is not used at all. I can sucessfully push with

git push https://whatever:${PERSONAL_ACCESS_TOKEN}
1 Like

I don’t know if you are the same user, but someone raised the same issue on the Gitlab issue tracker, so I suppose the best thing is waiting for a triage by someone from the Gitlab team:

1 Like

yes this is the same issue (and I’m not the reporter).

I reached Gitlab support which confirmed there is currently no workaround.

They also hinted at tweaking the author (in git config) for commits done by the automated job in order to distinguish them from the ones I do myself.
This is a good idea.
However, the pipelines triggered when the job pushes those commits still appears as being triggered by me.
I’ll wait for the project token to be fixed to improve that part.

Thank you again!