Skip to main content
Ona connects to your existing Git provider to clone repositories into environments, push commits, and enable agents to interact with pull requests and issues. Source control integration is the bridge between your code host and Ona’s runner infrastructure. Ona’s two-plane architecture keeps source control credentials on runners. They never reach the management plane.
  • Your code stays where you choose. With a self-hosted runner, source code and SCM credentials never leave your infrastructure. With Ona Cloud, code runs on Ona-managed infrastructure separate from the management plane.
  • Authentication is per-user. Each developer authorizes their own access via OAuth or a Personal Access Token (PAT). Ona uses these credentials to clone repos and push changes on behalf of that user.
  • Agents inherit your permissions. When an agent creates a pull request or adds a review comment, it acts using the environment owner’s SCM credentials and respects the same repository permissions.

How it works

Source control configuration happens at two levels:
  1. Runner level: An administrator configures which Git providers and authentication methods (OAuth, PAT) are available on a runner. This determines what providers developers can connect to.
  2. User level: Each developer authorizes access to their Git provider. On first environment creation, Ona prompts for authorization using the methods the administrator configured.
When a developer or agent starts an environment, the runner uses the developer’s credentials to clone the repository. All subsequent git operations (commits, pushes, fetches) use the same credentials within that environment.

Supported providers

ProviderOAuthPATAgent SCM tools
GitHubYesYesYes
GitLabYesYesYes
Bitbucket CloudYesPlannedNo
Azure DevOpsYesYesNo
Agent SCM tools let agents create pull requests, manage issues, and add code review comments directly through your provider’s API.

Organization controls for SCM tools

Administrators can control whether agents are allowed to use SCM tools across the organization. This is useful when your team requires human review of all SCM interactions, or when rolling out agent-assisted workflows gradually. Agent policy settings showing SCM Tools toggle with access restriction options Configure this in Settings > Agents > Policies. When SCM tools are disabled, agents can still clone, commit, and push code using git, but cannot interact with your provider’s API to create PRs or manage issues. See SCM tools policy for details.

Setting up Git authentication

To connect a Git provider to your Ona account:
  1. Set up the SCM integration for your runner at Settings > Runners. This is required for Enterprise only.
  2. Connect or disconnect available providers at Settings > Git Authentications
For provider-specific setup instructions including required scopes and OAuth app configuration, see the individual provider pages above.

Troubleshooting

If you see Failed to create provider - Aborted: operation cancelled when configuring repository access, switch from Personal Access Token to OAuth authentication.