Azure Pipelines: I am getting fatal: could not read Username for 'https://github.com': terminal prompts disabled
Solution 1
I don't why but when you try push
after merge
git want the username & password.
Azure DevOps by default disable the prompt to enter the credentials and you got the error.
You can enable the prompt by set the environment variable GIT_TERMINAL_PROMPT
to 1
but during the build you can't enter the values and the build will hang.
To fix the error, just add the username & password or the Personal Access Token (PAT) in the git push
command:
git push https://username:password(or PAT)@github.com/username/reponame.git
The https://...
replace the origin
.
Solution 2
There is a built-in "service account" which is actually a PAT called Project Collection Build Service
, not to be confused with Project Collection Build Service Accounts
group.
From: https://marcstan.net/blog/2018/08/31/Mirror-github-gitlab-and-VSTS-repositories/
Trivia: In case you didn't know "$env:SYSTEM_ACCESSTOKEN" is a PAT (Personal/Private Access Token) that is auto generated by the build server (but disabled by default) and allows to authenticate against VSTS from inside your builds and releases. To enable it, you have select the "agent job" inside your build or release definition and check the "Allow scripts to access the OAuth token" checkbox under "Additional options".
There are two steps to this:
Step 1
To get rid of the fatal: could not read username for...
error, we need to allow scripts to access the OAuth token. If you're using the newest YAML-based Azure Pipeline, you'll be hunting high and low for "Allow scripts to access the OAuth token" option in the UI. The Microsoft answer is here. In your YAML file (azure-pipelines.yml
), add:
steps:
- checkout: self
persistCredentials: true
Step 2
After resolving the OP's error, I couldn't commit, receiving the error:
remote: 001f# service=git-receive-pack
remote: 0000000000aaTF401027: You need the Git 'GenericContribute' permission to perform this action. Details: identity 'Build\c21ba3ac-5ad4-de50-bc1a-12ee21de21f0', scope 'repository'.
remote: TF401027: You need the Git 'GenericContribute' permission to perform this action. Details: identity 'Build\c21ba3ac-5ad4-de50-bc1a-12ee21de21f0', scope 'repository'.
fatal: unable to access 'https://[username].visualstudio.com/[repo]/_git/[repo]/': The requested URL returned error: 403
We also have to give it permissions. From the same page as above. Add the user Project Collection Build Service
to your repo(s).
Note: The user (1) and not the group (2).
Grant:
Contribute: Allow
Create Branch: Allow
Create Tag: Allow (Inherited)
Read: Allow (Inherited)
HTH
Solution 3
Not the exact same situation you have but this was the only post that came close to my similar situation so I thought it's worth adding my solution here. I had this error in a hosted Ubuntu Azure Pipeline, running a shell command task to checkout, edit and push to git.
I got the error when attempting to push with command:
git push
I fixed it by changing the command to:
git -c http.extraheader="AUTHORIZATION: bearer $(System.AccessToken)" push
$(System.AccessToken) is a predefined variable in the Azure Pipelines: https://docs.microsoft.com/en-us/azure/devops/pipelines/build/variables?view=azure-devops&viewFallbackFrom=vsts&tabs=yaml
Related videos on Youtube
Comments
-
Muthurathinam over 3 years
I have powershell task configured in azure build pipelines to merge changes from dev into master of my github public repo and push changes to master. I am getting
fatal: could not read Username for 'https://github.com': terminal prompts disabled
Note:
- I have configured my gitconfig with my username and emailid.
- The git push is working fine when I do modifications in files and do commit and push but its throwing this error when i do merge and push
- I have sufficient privilege to push in the branch
Any help on this would be much appreciated. In case of more information needed, comment in this thread.
This is the actual snippet.
$branchName = $env:BRANCH_NAME; Write-Host "Getting SHA for last commit in the latest release" -ForegroundColor Blue; $latestReleaseCommitSHA = git rev-list --tags --max-count=1; if([string]::IsNullOrEmpty($latestReleaseCommitSHA)) { Write-Host "Unable to get the SHA for last commit in latest release" -ForegroundColor Red; EXIT 1; } Write-Host "SHA for last commit in the latest release is '$($latestReleaseCommitSHA)'" -ForegroundColor Green; Write-Host "Merging Changes till '$($latestReleaseCommitSHA)'" -ForegroundColor Blue; git merge $latestReleaseCommitSHA Write-Host "Checking Conflicted Files"; $conflictedFiles = git diff --name-only --diff-filter=U if (-Not [string]::IsNullOrEmpty($conflictedFiles)) { Write-Host "Unable to Merge" -ForegroundColor Red; Write-Host "There are conflicts in below files:" -ForegroundColor Cyan; Write-Host -Object $conflictedFiles -ForegroundColor Cyan; EXIT 1; } Write-Host "Merged changes to '$($branchName)'" -ForegroundColor Green; Write-Host "Pushing changes." -ForegroundColor Blue; git push origin HEAD:$branchName Write-Host "Pushed the changes to the $($branchName) branch." -ForegroundColor Green;
-
Shayki Abramczyk about 5 years@Muthurathinam try my answer below, I also got this error in merge and I solved it.
-
Vince Bowdren about 5 yearsHi @Muthurathinam, I hope you don't mind me asking : do you really need to script the merge and push? This sort of thing can normally be done much more easily within azure devops by using a Pull Request.
-
Muthurathinam about 5 yearsusing personal access token instead of username and password worked.
-
Doug over 4 yearsBuilding on this answer, if you still use the old URL format, this same page can be found here: https://[organization].visualstudio.com/DefaultCollection/[project]/_settings/repositories?repoGroup=true&_a=security
-
killercowuk over 4 yearsFrustratingly, I also hit the "You need the Git 'GenericContribute' permission" error during cake build script - even though the only thing I was pushing was a tag (eg. git push origin refs/tags/1.0.0.0) and the Create Tag permission was set to Allow! I would have preferred to not give contribute permission but appears this was still necessary.
-
Igor about 4 yearsInstead of pasting the password into command line, you can use system variable for that. See the answer by Darren Rogers below.
-
Jordan about 4 yearsAnother key item to go along with the command using
System.AccessToken
, you need to enableAllow scripts to access the OAuth token
in the Job's Additional Options section (which is mentioned in the link you included). -
aDisplayName over 3 yearsThis is very useful answer.
-
Nikita Kalimov almost 2 yearsWell, that is weird. I do not use the
checkout
step nor set any setting aboutAllow scripts to access the OAuth token
... yet I get access to the System.AccessToken variable. So they've updated the behavior? My steps are: 1. UseDotNet 2. GitVersion: Setup 3. GitVersion: Execute 4. Script: git tag + git -c http.extraheader... push