Skip to main content

Private packages must be cloned using access tokens provided by environment variables

The supported method for cloning private GitHub packages is the git token method, where an appropriate access token is passed into the package repository URL with an environment variable.

A small number of people have been able to clone private packages using dbt's native GitHub application without explicitly providing an access token. This functionality is being deprecated as it’s limited in flexibility.

If you have been using a package hosted in a private repository on GitHub, you must start passing an access token into the URL.

An example of passing an access token:


- git: "https://{{env_var('DBT_ENV_SECRET_GIT_CREDENTIAL')}}"