Jenkins Github Branch Source Plugin Failing with Github Token after today's Github auth changes
I am currently facing an issue with Jenkins <> Github integration due to today's Github auth changes deprecating user/pass auth and the current Github branch source plugin.
Deprecation info: https://developer.github.com/changes/2020-02-14-deprecating-password-auth/#removal
Plugin: https://github.com/jenkinsci/github-branch-source-plugin
- Jenkins: 2.249.3
- Github branch source plugin 2.9.1 (latest)
- This jenkins install is private only (not public facing)
- The repo being accessed is private (not public facing)
- The Github token has full repo access
Issue:
The plugin forces user/pass auth which Github no longer accepts. The instructions state to put the TOKEN in the password field but it still complains after I've done that:
The API can't be accessed using username/password authentication
https://developer.github.com/changes/2020-02-14-deprecating-password-auth/#removal
Instructions state: "Only username/password credentials are supported" and instructs to add the Token in the password field (screenshot shows this)
The attached screenshot shows the debacle clearly:
Questions to ServerFault:
- Am I entering the token wrong for the credentials? I've tried:
- a null user, with the token as the password
- The token as the user & pass
- The token description as the user, with the token as the password
- Normally I would submit a Github issue to a developer about an app issue. However since there is no "Issues" component to submit issues to the plugin developer, I wanted to ask my question here, in case others have hit this.
Exactly same story here. Your post inspired me to dig deeper and I found a solution.
Go to the "System Configuration" (sorry, my Browser is set to german and I don't know the exact wording) and create new credentials for the GitHub server in "Secret Text" format. Use the Personal Access Token as secret and give it a description.
Verify with the "Test connection" button. It should print out the following:
Credentials verified for user your-cool-username, rate limit: 4876
GitHub API server settings
Now in the project it still forces me to use username/password credentials but it somehow seems to work with the global GitHub API settings we changed.
My username/password credential settings
There references in the plugins code about checkout via SSH (see here in the repo), but I couldn't find a way to use key auth. It puzzles me a bit that my solution works, I didn't expect that.
Edit: I actually found a checkout via SSH checkout option, not sure/expecting do better.
- a null user, with the token as the password
- The token as the user & pass
- The token description as the user, with the token as the password
None of these worked for me, however
- the GitHub username as user, the token as password
did.