Page History

...

The update command pull eventual updates and rebuild the tooling if necessary. Note: if your computer is behind a HTTP(S) proxy, ensure that you have set the HTTPS_PROXY environment variable correctly.

Configuring

Personal Access Token

Some of the Skara tools requires a personal access token (PAT) to authenticate against an external Git source code hosting provider's API. A personal access token is a like a password that has limited capabilities, it can only be used to successfully authenticate and perform certain limited actions. The following Skara tools requires a personal access token:

...

If you do not intend to use the above tools, then there is no need to set up a PAT and you can skip this section. If you want to make use of the above tools, then please read on. To set up and store a person access token, please see the instructions in one of the following sections depending on your operating system and environment.

Windows

...

Credential Manager

...

To store the personal access token you are about to generate you need a Git credential manager. If you installed Git via https://gitforwindows.org/ (recommended) then you already have a credential manager from Microsoft installed (it is bundled with "Git for Windows"). If you installed Git via some other mechanism, then you must first install https://github.com/Microsoft/Git-Credential-Manager-for-Windows.

...

Personal Access Token

To generate a a Personal Access Token on GitHub go to https://github.com/settings/tokens and and click on "Generate new token". You only need to select the "repo" scope (permission). After you have generated your token, store it in the Git Credential Manager for Windows using git token store:

> git token store https://github.com
Username: <insert your Github username>
Password: <insert your "Personal Access Token", not your GitHub password>

macOS

Credential Manager

macOS already comes with a password manager in the form of Keychain and Git for macOS is configured out of the box to use Keychain as a credential manager, there is no need to configure anything.

Personal Access Token

To generate a a Personal Access Token on GitHub go to https://github.com/settings/tokens and and click on "Generate new token". You only need to select the "repo" scope (permission). After you have generated your token, store it in Keychain using git token store:

$ git token store https://github.com
Username: <insert your Github username>
Password: <insert your "Personal Access Token", not your GitHub password>

GNU/Linux

On GNU/Linux the way you will store the personal access token you are about to generate depends on your desktop environment. If you are using the a desktop environment with support for the GNOME Keyring, then follow the instructions in the GNOME section. If you are using GNU/Linux installation without a desktop environment or with a desktop environment that does not support the GNOME Keyring, see the Other section for instructions.

GNOME

On GNU/Linux the recommended setup is to use libsecret and the "libsecret credential helper" in order to use GNOME Keyring as the Git credential manager. Please follow the instructions for setting up libsecret for the GNU/Linux distribution you are using, then proceed to generate a personal access token.

Fedora

Fedora 29 and 30 comes with libsecret and GNOME Keyring installed by default. When you install the git package you also get the libsecret credential helper installed. To configure git to use the libsecret credential helper run:

...

sudo dnf install seahorse

Ubuntu

Ubuntu 19.04 and 18.04.2 (LTS) comes with libsecret and GNOME Keyring installed by default. Unfortunately even if you install the Git package you will not get a binary version of the libsecret credential helper installed (you only get the source). This means you have to compile the libsecret credential helper yourself. This is easy to do, it just requires two extra commands:

...

$ git token store https://github.com
Username: <insert your Github username>
Password: <insert your "Personal Access Token", not your GitHub password>

Other

If you are using an environment or distribution without support for GNOME Keyring (for example if you are connecting to a GNU/Linux server over SSH), or if you want to use your own scheme for storing the PAT, then that is also supported. You can store non-sensitive data such as your username and the URL of the Git source code hosting provider in your ~/.gitconfig file in the "credential" section:

...

For the PAT itself, all Skara tools interacting with an external Git source code hosting provider's API supports the GIT_TOKEN environment variable. This means that instead of storing your PAT in a secure way in a Git credential manager you will have to secure the PAT yourself according to your security requirements. To generate a a Personal Access Token on GitHub go to https://github.com/settings/tokens and and click on "Generate new token". You only need to select the "repo" scope (permission). The following sections then give a few examples on how to securely store the PAT you just generated depending your security needs.

GPG

You can use GnuPG (GPG) to store your PAT in an encrypted file. The file can be encrypted either using a GPG key or using a passphrase. If you have a GPG key you probably already know how to encrypt a file with it, so we will only cover encrypting using a passphrase here. To encrypt the PAT in a file using a passphrase, run the following command (replacing <PAT> with your personal access token):

...

GIT_TOKEN=$(gpg --decrypt ~/pat.gpg) git pr list

age

You can use age to store you PAT in an encrypted file. To encrypt the file using a passphrase, run the following command (replacing <PAT> with your personal access token):

...

$ GIT_TOKEN=$(age --decrypt ~/pat.age) git pr list

File Permissions

...