configure teamcity with github, why do i need a git password if i use OAuth?

Question

i'm trying to configure teamcity with my github.

the first step was to use OAuth in git in order to secure the connection between teamcity and git, that seemed to work ok, and now, when i go to add a new VCS root, i can see all of my git repositories and choose from them.

the issue i have is when i try to add this VCS root, i choose a git repository, and then i need to enter a username and password.

my question here is why do i need to enter my git username and password if i'm using Oauth? my connection to git is already secured, and i could see all of the repositories to choose from.

if i change the "Authentication method" to "Anonymous" it doesnt work, the only way the connection is working for me is if i use my git username, and my git token.

Answer 1

When you connect TeamCity to GitHub with help of OAuth, you grant TeamCity server permissions to make REST API calls to GitHub on your behalf. But to checkout source code this is not enough. Simply because your git executable knows nothing about OAuth tokens and all these OAuth specific flows. It expects a password or SSH key.

So for this to work TeamCity needs to generate something that can be used as a password. Fortunately in case of GitHub a regular OAuth token can be used as such because it's permanent. Bitbucket cloud does not have permanent tokens, instead they propose using Application passwords. But there is no way to generate such passwords on behalf of a user... So with Bitbucket and private repository only user can generate and type in this password.

There can be a confusion associated with "Password" word in TeamCity web interface. But there is no common notation even among popular Git hosting services. Maybe if you start thinking in terms of Git client, then it will makes sense. For Git client this is indeed a password.