Hi Mark
If you are using HTTPS with user/pass currently you should be able to substitute a user account password in the dialog with a
personal access token generated with appropriate access to your repos for GoCD to do its thing as before.
Alternatively, you can generate an SSH keypair to identify GoCD; make the keypair available in the appropriate place on the underlying server and agent operating system, and permission that public key on an account per normal. However I believe this approach requires GoCD to identify itself the same way across all repos it has access to unless you use various ssh config/clone uri hijinx to tell it which key to use for which repo. There's an example of this
here, however you can also mount the keys into the approach location with appropriate permissions from a Kubernetes Secret if you are running GoCD in K8S. This approach is probably a lot clunkier if you have lots of different agent types, and not sure if there is an easier way.