Create
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
Sign up Log in
Products
See all
Community resources
Top groups
Explore all groups
Community resources
Learn
Community resources
Events
Community resources

How to clone repository with submodules with APP password authentication?

Vlad Griguta
Vlad Griguta January 5, 2022

I am trying to clone a repository with submodules via this command:

git clone --recurse-submodules https://USER@bitbucket.org/HOST/repo.git


And the following error occurs:

Cloning into 'repo'...
Password for 'https://USER@bitbucket.org':
remote: You'll need to authenticate with a valid app password. You can create an app password from your account at https://bitbucket.org/account/admin/app-passwords
fatal: unable to access 'https://USER@bitbucket.org/HOST/repo.git/': The requested URL returned error: 403



I have tried providing the password in the command (i.e.

git clone --recurse-submodules https://USER:APP_PASSWORD@bitbucket.org/HOST/repo.git

) and cloning via ssh. Both of these WORK for the main repo, but not for the submodules (which are set with http urls in .gitmodules). WITHOUT updating the .gitmodules, is there any way to clone the repository together with submodules?

Answer
Watch
Like Azmi likes this
4484 views

1 answer

1 accepted

0 votes
Answer accepted
Theodora Boudale
Theodora Boudale
Atlassian Team
Atlassian Team members are employees working across the company in a wide variety of roles.
January 7, 2022

Hi @Vlad Griguta and welcome to the community.

I have tried cloning a repo of mine with submodules with the command you are using:

git clone --recurse-submodules https://USER@bitbucket.org/HOST/repo.git

and I see no issues, the submodule was cloned as well. I suspect the error may be related to (possibly incorrect) credentials that are stored in your local credential manager.

Could you try clearing all Bitbucket Cloud credentials stored in your computer's credential manager and give it another try?
Also, just to be sure, does the URL of the submodules in your .gitmodules file have the following format?

https://bitbucket.org/WORKSPACE_ID/REPO_NAME

Kind regards,
Theodora

View More Comments
Vlad Griguta
Vlad Griguta January 7, 2022

Hi @Theodora Boudale, and thanks for your reply.

Firstly, I suspect your Bitbucket account was created prior to Sep 13 2021. As I understand from this post (https://bitbucket.org/blog/deprecating-atlassian-account-password-for-bitbucket-api-and-git-activity), authenticating over HTTPS with the Atlassian password has been deprecated for new users like myself. Hence, to reproduce my error one would have to create a new Bitbucket account and try to clone a repository.

I confirm that the format of submodules in .gitmodules matches yours. I am confident that these are correct, as they are used by other team members.

To be more specific, what is not clear to me from the aforementioned post on the login deprecation is how are we supposed to work with submodules via HTTPS. I understand how to clone the parent repository, and the following command does work:

git clone https://USERNAME:APP_PASSWORD@bitbucket.org/OWNER/REPO.git


However, if logging in is only available via app passwords, how could I persist the APP_PASWORD in the cloning of submodules? Is there a way to maybe set this as a global git credential that is added to the call when option --recurse-submodules is used?

Like
Theodora Boudale
Theodora Boudale
Atlassian Team
Atlassian Team members are employees working across the company in a wide variety of roles.
January 7, 2022

Hi @Vlad Griguta,

You are right, if your Bitbucket Cloud account was created after 13th September 2021, you will need to use an app-password instead of the Atlassian account's password when you clone/pull/push via HTTPS.

However, the deprecation of Atlassian account passwords doesn't have anything to do with persisting passwords: a credential manager should be able to store an app-password (after you use it for the first time) the same way that it stores a password.

Could you please let me know the following, so I can better help you?

1. What operating system are you working on?

2. Do you see any output if you run the following commands?

git config --system credential.helper
git config --global credential.helper

These will show if a credential helper has been set up for all users or for your user on your machine.

Kind regards,
Theodora

Like
Vlad Griguta
Vlad Griguta January 7, 2022

Hi @Theodora Boudale

Using a credential manager should work, thanks for suggesting.

1. Ubuntu 18.04.6 LTS

2. There is no credential helper set up for system or global.

Could you help setting that up?

Many thanks,
Vlad

Like susanpyne1 likes this
Theodora Boudale
Theodora Boudale
Atlassian Team
Atlassian Team members are employees working across the company in a wide variety of roles.
January 10, 2022

Hi Vlad,

There are several options for Linux systems:

1. You can use “cache” which keeps credentials in memory for a certain period of time:

git config --global credential.helper cache

Credentials are not stored on disk, but they are removed after a certain period of time.
The default is 15 minutes, but you can configure it to another value, see the link below for more details in the Git Book:

2. The second option, which is also mentioned in the link above, is to store credentials in a certain file on your machine:

git config --global credential.helper 'store --file ~/.my-credentials'

The credentials will not expire/be removed like with the 'cache' option. However, the downside of this approach is that they are stored in plain text.

3. You could also install any other credential helper available for Linux, e.g. the following:

Kind regards,
Theodora

Like Vlad Griguta likes this
Reply

Suggest an answer

Log in or Sign up to answer
Bitbucket
Bitbucket
TAGS
AUG Leaders

Atlassian Community Events

    See all events