Understanding GitHub VCS integration and access tokens
We are using a GitHub VCS integration in YouTrack. We've forgotten the details of the setup, when it was first created.
We've noted that it uses a “personal access token”. I believe we used a fine grained access token, as we no longer utilize the old tokens due to security concerns. As we are now required to regenerate it (due to expiry), I'd expect the integration to no longer function, without setting a new access token. However, it still successfully fetches commits.
Should I not be required to update the “person access token” field when regenerating due to expiry?
Does the integration have some other mechanism of staying integrated, that I've missed?
Please sign in to leave a comment.
Hi Halvor! YouTrack doesn't fetch these commits; instead, GitHub uses webhooks to connect and send the data to YouTrack. So the token expiry does not affect this process after the integration has been set up.
Thank you Stanislav Dubin. I see the webhooks now.
So after a repo is set up using GitHub VCS integration, the access token is useless.
But to add a new repo as a GitHub VCS integration it will during setup require a access token.
Is that correct?
The token isn't completely useless in the existing integration either, as it can be used if you want to do the “Import commits and open pull requests” option. If you set up a new integration, a working token will be required.
Stanislav Dubin - that makes sense, but I don't see anywhere in the “VCS Integration” screen that allows you to update the token of an existing GitHub integration. Does that mean that once the token has expired you'd need to setup a new VCS Integration if you wanted to perform the “Import commits and open pull requests” action?
Sam you should be able to change the token by editing the repository settings in the existing GitHub integration.
I. Select your existing GitHub integration and click the button in the expanded sidebar:
II. Fill in the new token value:
Thanks Stanislav Dubin, managed to completely miss that one. I can see that option now.