Skip to main content
Ona connects to your existing Git provider to clone repositories into environments, push commits, and enable agents to interact with pull requests and issues. Source control integration is the bridge between your code host and Ona’s runner infrastructure.

Why source control integration matters

Ona environments need access to your repositories. Without a configured Git provider, environments can’t clone code, and agents can’t open pull requests or manage issues on your behalf. Because Ona uses a two-plane architecture, source control credentials are handled entirely by runners — never by the management plane. This means:
  • Your code stays where you choose. With a self-hosted runner, source code and source control management (SCM) credentials never leave your infrastructure. With Ona Cloud, code runs on Ona-managed infrastructure separate from the management plane.
  • Authentication is per-user. Each developer authorizes their own access via OAuth or a Personal Access Token (PAT). Ona uses these credentials to clone repos and push changes on behalf of that user.
  • Agents inherit your permissions. When an agent creates a pull request or adds a review comment, it acts using the environment owner’s SCM credentials and respects the same repository permissions.

How it works

Source control configuration happens at two levels:
  1. Runner level — An administrator configures which Git providers and authentication methods (OAuth, PAT) are available on a runner. This determines what providers developers can connect to.
  2. User level — Each developer authorizes access to their Git provider. On first environment creation, Ona prompts for authorization using the methods the administrator configured.
When a developer or agent starts an environment, the runner uses the developer’s credentials to clone the repository. All subsequent git operations (commits, pushes, fetches) use the same credentials within that environment.

Supported providers

ProviderOAuthPATAgent SCM tools
GitHubYesYesYes
GitLabYesYesYes
Bitbucket CloudYesPlannedNo
Azure DevOpsYesYesNo
Agent SCM tools give agents the ability to complete full development workflows — creating pull requests, managing issues, and adding code review comments — directly through your provider’s API, without leaving the environment.

Organization controls for SCM tools

Administrators can control whether agents are allowed to use SCM tools across the organization. This is useful when your team requires human review of all SCM interactions, or when rolling out agent-assisted workflows gradually.
Agent policy settings showing SCM Tools toggle with access restriction options
Configure this in Settings > Agents. When SCM tools are disabled, agents can still clone, commit, and push code using git — they just can’t interact with your provider’s API to create PRs or manage issues. See SCM tools policy for details.

Setting up Git authentication

To connect a Git provider to your Ona account:
  1. Set up the SCM integration for your runner at Settings > Runners. This is required for Enterprise only.
  2. Connect or disconnect available providers at Settings > Git Authentications
For provider-specific setup instructions including required scopes and OAuth app configuration, see the individual provider pages above.

Troubleshooting

”Failed to create provider” error

If you see “Failed to create provider - Aborted: operation cancelled” when configuring repository access, switch from Personal Access Token to OAuth authentication. OAuth provides a more reliable connection for repository access configuration.