How to use Github Personal Access Token in Jenkins

Question

I can ask this question in many ways, like How to configure Jenkins credentials with Github Personal Access Token How to clone Github repo in Jenkins using Github Personal Access Token

So this is the problem

---

The alternate solution that I am aware of

• SSH connection
• username password configuration in Jenkins. However, use of a password with the GitHub API is now deprecated.

But My question is how to setup Github connection with Jenkins using Personal Access Token

Answer 1

[UPDATE] The new solution proposed by git is

https://github.blog/2020-12-15-token-authentication-requirements-for-git-operations/

Which says:

Beginning August 13, 2021, we will no longer accept account passwords when authenticating Git operations and will require the use of token-based authentication, such as a personal access token (for developers) or an OAuth or GitHub App installation token (for integrators) for all authenticated Git operations on GitHub.com. You may also continue using SSH keys where you prefer.

What you need to do:

https://github.blog/2020-12-15-token-authentication-requirements-for-git-operations/#what-you-need-to-do-today

Basically, change the add URL as

https://<access token>@github.com/<userName>/<repository>.git

Something like this

https://<access token>@github.com/dupinder/NgnixDockerizedDevEnv.git

and set the credentials to none.

Thanks to @Gil Stal

---

[OLD Technique]

After many discussion on multiple threads from Stackoverflow

I found one thread that is useful.

Refer to this answer: https://stackoverflow.com/a/61104603/5108695

---

Basically Personal access token can be used as a password, as far as Jenkins is concerned at least. I added new credentials to the credential manager.

Go to Jenkins

• Go to credentials > System > Global credentials > Add credentials a page will open.
• In Kind drop-down select Username and password.
• In User put a non-existing username like jenkins-user or user.
• Add Personal Access Token in the password field

---

Now start configuring your project.

• source code management tab, select new configured credentials from Drop-down near credential Under Repository URL

So this is how we can configure or setup Authentication between Jenkins and Github using Personal Access Token

References:
Git Clone in Jenkins with Personal Access Token idles forever
Change jenkins pipeline to use github instead of gitlab

Answer 2

The accepted answer wont work anymore because of this: https://github.blog/2020-12-15-token-authentication-requirements-for-git-operations.

You will need to:

1. Change the URL of the repo to: https://<access token>@github.com/<user-name>/<repo-name>.git (Replace every <...> with the real parameters)

2. Set the credentials to none.

Answer 3

As for credentials for Jenkins Github Plugin, please be aware only Personal access tokens are now accepted by this plugin.

To generate such a token, follow the Github docs (e.g. here). Don't save it, it can be regenerated in Github and updated in Jenkins if lost or when migrating to a different server.

To add the token do Jenkins credentials store, go to <JENKINS_URL:PORT>/credentials/store/system/domain/_/newCredentials and select Kind "Secret text" (not the default "Username and password"), then paste the token as Secret and choose some ID.

Testing: the credential should appear on the list of Credentials at <JENKINS_URL:PORT>/credentials/ and be selectable from the drop-down list at <JENKINS_URL:PORT>/configure/, where pressing the "Test connection" button should display "Credentials verified for user <GITHUB_USER>".

More info: see the Github plugin docs.

Answer 4

As of August 2021 the answer posted by Dupinder Singh is accurate. The only thing I would add is that if you are part of a team, the url format appears to be a bit different. This is what worked for me:

https://<access token>@github.com/<team>/<repo>.git

for example

https://[email protected]/MyKuleTeam/KuleGuyCode.git

Note that if you use a personal access token you don't need to have any github credentials stored in jenkins.

Answer 5

There is (yet another) way to do this as of 2020/04 which is supposed to be superior to personal access tokens. The best part is that you can continue using a username/password-style credential, and the plugin will handle authenticating with GitHub in the background.

Benefits include:

• Larger rate limits - The rate limit for a GitHub app scales with your organization size, whereas a user based token has a limit of 5000 regardless of how many repositories you have.

• User-independent authentication - Each GitHub app has its own user-independent authentication. No more need for 'bot' users or figuring out who should be the owner of 2FA or OAuth tokens.

• Improved security and tighter permissions - GitHub Apps offer much finer-grained permissions compared to a service user and its personal access tokens. This lets the Jenkins GitHub app require a much smaller set of privileges to run properly.

• Access to GitHub Checks API - GitHub Apps can access the the GitHub Checks API to create check runs and check suites from Jenkins jobs and provide detailed feedback on commits as well as code annotation

Links:

• https://www.jenkins.io/blog/2020/04/16/github-app-authentication/
• https://github.com/jenkinsci/github-branch-source-plugin/blob/master/docs/github-app.adoc