Connecting Git
deploybase pulls source code from Git repositories to build deployments. Four providers are supported.
Supported Providers
Section titled “Supported Providers”| Provider | Clone URL Format | Token Type |
|---|---|---|
| GitHub | https://github.com/user/repo.git | Personal access token (classic) or fine-grained |
| GitLab | https://gitlab.com/user/repo.git | Project or personal access token |
| Bitbucket | https://bitbucket.org/user/repo.git | App password |
| Codeberg | https://codeberg.org/user/repo.git | Application token |
Configuration
Section titled “Configuration”Set the Git fields when creating or updating a project:
curl -X PATCH https://api.deploybase.eu/api/v1/projects/PROJECT_ID \ -H "Authorization: Bearer $TOKEN" \ -H "Content-Type: application/json" \ -d '{ "git_repo_url": "https://github.com/user/repo.git", "git_provider": "github", "git_token": "ghp_xxxxxxxxxxxx", "default_branch": "main" }'| Field | Description |
|---|---|
git_repo_url | HTTPS clone URL. SSH URLs are not supported. |
git_provider | One of: github, gitlab, bitbucket, codeberg |
git_token | Access token with read permissions on the repository. Stored encrypted. |
default_branch | Branch that auto-promotes to production on deploy. Default: main |
Validating Credentials
Section titled “Validating Credentials”Before saving, verify that deploybase can access the repository:
curl -X POST https://api.deploybase.eu/api/v1/projects/validate-git \ -H "Authorization: Bearer $TOKEN" \ -H "Content-Type: application/json" \ -d '{ "git_repo_url": "https://github.com/user/repo.git", "git_provider": "github", "git_token": "ghp_xxxxxxxxxxxx" }'Returns {"valid": true} on success, or a git_error_code explaining the failure (authentication, not found, etc.).
Token Permissions
Section titled “Token Permissions”Read access (required for all projects)
Section titled “Read access (required for all projects)”| Provider | Token Type | Required Permission |
|---|---|---|
| GitHub (fine-grained) | Fine-grained PAT | Contents: Read on target repo |
| GitHub (classic) | Classic PAT | repo scope (or public_repo for public repos) |
| GitLab | Project access token | read_repository scope |
| GitLab | Personal access token | read_api scope |
| Bitbucket | App password | Repositories: Read |
| Codeberg | Application token | repository read access |
Auto-deploy (webhooks)
Section titled “Auto-deploy (webhooks)”Enabling auto-deploy requires additional permissions to create and manage webhooks:
| Provider | Token Type | Additional Permission Needed |
|---|---|---|
| GitHub (fine-grained) | Fine-grained PAT | Webhooks: Read & write on target repo |
| GitHub (classic) | Classic PAT | Already covered by repo scope |
| GitLab | Project access token | api scope (includes webhooks) |
| GitLab | Personal access token | api scope (not just read_api) |
| Bitbucket | App password | Webhooks: Read and write |
| Codeberg | Application token | write:repository scope |
Without these permissions, git validation will succeed but webhook registration will fail when auto-deploy is enabled.
Private Repositories
Section titled “Private Repositories”Private repositories work identically to public ones — provide a token with read access. The token is used only during git clone at build time and is never exposed in build logs.