Airflow allows for two types of documented access to git:
sshgitlab now requires SSH only; and in the case of a local deployment of gitlab, an available security configuration is 2FA or token-based authentication.
In my org, token-based authentication is by far the easier of the two methods I might be able to authenticate (ssh or tokens), but I am not sure I'll be able to do it with ssh. I am pretty sure the path forward is with tokens.
This question amounts to: how do I configure airflow to authenticate with git using an access token?
And I say this having successfully configured airflow on kubernetes to use the USERNAME/PASSWORD method for GITSYNC, and generating the following error message, which is familiar to me in other contexts:
{
"logger": "",
"ts": "2024-08-30 21:52:28.182461",
"caller": {
"file": "main.go",
"line": 784
},
"msg": "too many failures, aborting",
"error": "Run(git ls-remote -q https://gitlab...../my-path/my-private-repo.git the-branch the-branch^{}): exit status 128: { stdout: \"\", stderr: \"remote: HTTP Basic: Access denied. The provided password or token is incorrect or your account has 2FA enabled and you must use a personal access token instead of a password. See https://gitlab........./help/topics/git/troubleshooting_git#error-on-git-fetch-http-basic-access-denied\\nfatal: Authentication failed for 'https://gitlab........./my-path/my-private-repo.git/'\" }",
"failCount": 1
}
This was an XY problem.. The way you clone with a token using gitlab is:
git clone https://oauth2:[email protected]/project.git