Ansible: clone repo or install helm chart from private github

Solution 1:

Personal access tokens can only be used for HTTPS Git operations.

GitHub documentation: using-a-token-on-the-command-line

The token can be used as a password when using https. So it might be necessary switch the remote from git to https when a token should be used as a password.

In general the token is mainly meant as a secyre authentication mechanism against the REST API:

As previously announced, beginning November 13th, 2020, we will no longer accept account passwords when authenticating with the REST API and will require the use of token-based authentication (e.g., a personal access, OAuth, or GitHub App installation token) for all authenticated API operations on GitHub.com. GitHub announcement

The token could be used to manage the access to GitHub repos like so:

- name: Read SSH public key to authorize
  ansible.builtin.shell: cat /home/foo/.ssh/id_rsa.pub
  register: ssh_pub_key

- name: Authorize key with GitHub
  local_action:
    module: github_key
    name: Access Key for Some Machine
    token: '{{ github_access_token }}'
    pubkey: '{{ ssh_pub_key.stdout }}'

Ansible github_key_module

But in my reading of the announcement it is not meant to replace ssh public key authentication for normal Git operations. So it should be possible to continue to clone repos from GitHub authenticating with ssh keys or with a token when using https protocol for the remote.