Terra

GitHub Integration: Persistent PAT Authenticaion

To avoid entering your Personal Access Token (PAT) every time you restart your Terra Cloud Environment, follow these steps to store your credentials on your Persistent Disk. This assumes that your Repo is already available on GitHub. By following the steps below, Git creates a hidden file at ~/.git-credentials.

  • Because this file is in your home directory, it lives on your Terra Persistent Disk.
  • Even if you “Stop” your environment or “Restart” it to change your cloud resources (CPUs/RAM), this file stays put.
  • The next time you open a terminal and run git push, Git will check that file and log you in automatically.
  • If you delete your persistent disk or you create a new workspace, you will need to repeat these steps.

1. Create your PAT

You create PAT by going to the Personal Access Tokens sections in Settings/Developer Settings on GitHub.

TipSecurity Best Practice

Use a Fine-grained PAT restricted only to the repositories you need for this project and minimal permissions (e.g. “Contents” read/write)

Lab Organization Access

If the repository is hosted under the krantzlab organization, follow these additional steps:

  • Change Resource Owner: When creating your Fine-grained PAT, ensure the “Resource Owner” is set to krantzlab, not your personal account.
  • Request Approval: After generating the token, notify an adminstrator. The token will remain “Pending” and will not work for pushes/pulls until an administrator approves it in the Organization settings.
  • Use Individual Tokens: Never share tokens. Your commit history must accurately reflect your individual contributions.

2. Configure the Storage Helper

Run the following in the Terra terminal to ensure your credentials stay saved across restarts:

git config --global credential.helper store

3. Set Your Identity

git config --global user.name "Your Name"
git config --global user.email "your-email@example.com"

4. Authenticate

Run a git pull or git clone. When prompted, enter your GitHub username and use your PAT as the password.

Tipgit clone with HTTPS

When using PAT, you clone with HTTPS (i.e. the web URL)