启用 gitlab 的第二因素身份验证后如何使用 git 命令

As explained in using gitlab token to clone without authentication, you can clone a GitLab repo using your Personal Access Token like this:

git clone https://oauth2:ACCESS_TOKEN@gitlab.com/yourself/yourproject.git

As for how to update your existing clones to use the GitLab Personal Access Token, you should edit your .git/config file in each local git directory, which will have an entry something like this:

[remote "origin"]
url = https://yourself@gitlab.com/yourself/yourproject.git

Change the url:

[remote "origin"]
url = https://oauth2:ACCESS_TOKEN@gitlab.com/yourself/yourproject.git

Now you can continue using this existing git clone as you did before you enabled 2FA.

Clone current repo with git clone ${CI_REPOSITORY_URL}

Clone other repos with git clone https://oauth2:${PERSONAL_ACCESS_TOKEN}@gitlab.com/acme/my-project.git. Gitlab uses "oauth2" + token convention to populate OAuth2 Authentication headers, but I could not find official documentation for this.

Enable current repo modifications with git remote set-url origin ${CI_PROJECT_URL/gitlab.com/oauth2:${PERSONAL_ACCESS_TOKEN}@gitlab.com}.git

Here is a job that tags the current repo, using git push:

build_rpms:
stage: package
script:
- echo "Build RPMs. Add tag v1.9d"
- apk add git
- git config --list


# --force is needed for both tag and push to allow job replay
- git tag v1.9d --force


# Enable pushing from CI pipeline:
#
# At that point git origin points to CI_REPOSITORY_URL=
# https://gitlab-ci-token:${CI_JOB_TOKEN}@gitlab.com/acme/my-project.git
# This setup does not allow modifications (i.e git push will be rejected).
#
# We use Gitlab Personal Access Token with 'write' access. This token shall
# be generated via Gitlab user settings and then it shall be added as a masked
# environment variable for this project CI settings.
#
# Use "oauth2" as user. For example for CI_PROJECT_URL=https://gitlab.com/acme/my-project
#   set origin to https://oauth2:wSHnMvSmYXtTfXtqRMxs@gitlab.com/acme/my-project.git
#
- git remote set-url origin ${CI_PROJECT_URL/gitlab.com/oauth2:${PERSONAL_ACCESS_TOKEN}@gitlab.com}.git
- git remote -v


# Use -o ci.skip option to avoid triggering pipeline again
- git push origin v1.9d --force -o ci.skip
when:
manual

Visit the below link and enter your Name and Expiry Date.

Then click on the different checkboxes like read_user, read_repository, write_repository, etc for access scopes and create a new Personal Access Token and store it in a secured location

https://gitlab.com/profile/personal_access_tokens

Now when you do a git pull, git clone, git push, etc you can enter your username/email as the Username and enter the newly created Personal Access Token as Password

I used the generated Personal Access Token as the password when prompted to enter credentials.

This allowed me to just use the standard Git Clone syntax without entering anything additional.

When you generate, copy the token. This is the password that will be stored in Credential Manager when you clone. Use that as your password instead of your git password.

See the link below enter link description here

You just need to create a new token for your profile! To do this,

1. click on your photo and then enter the Edit Profile section
2. click on Access Tokens
3. Create a new token with the permissions you need
4. Now copy the created token according to the photo below enter image description here
5. git clone https://github.com/YOUR-USERNAME/YOUR-REPOSITORY
6. Enter your username, but use the created token instead of the password!

A user-friendly alternative to personal access tokens is Git Credential Manager which does secure OAuth authentication via web browser. Documentation at https://docs.gitlab.com/ee/user/profile/account/two_factor_authentication.html#git-credential-manager