I want to clone a 2FA enabled private GitHub repo to my azure pipeline. My configuration is as follows.
trigger: none
pr:
branches:
include:
- azure
pool:
vmImage: ubuntu-latest
steps:
- script: |
echo "--------------- Clone 2FA enabled private repo ---------------"
git clone https://github-azure-pipeline-user:$(PAT)@github.com/parent-org/2fa-enabled-github-repo.git
echo "--------------- Clone Completed ---------------"
displayName: 'Clone 2FA enabled private repo'
Personal access token(PAT) for github-azure-pipeline-user
is configured as a variable from the Azure DevOps UI. The issue is when the type of the variable PAT
is changed to secret
from the UI, the git clone does not work. Authentication failed error is displayed.
--------------- Clone 2FA enabled private repo ---------------
Cloning into '2fa-enabled-github-repo'...
remote: Invalid username or password.
fatal: Authentication failed for 'https://github.com/parent-org/2fa-enabled-github-repo.git/'
--------------- Clone Completed ---------------
When PAT
is set as a plain text variable, this works without an issue.
Is this a bug in Azure pipelines or am I doing something wrong?