[almighty] Almighty Build Service and Private repositories
Max Rydahl Andersen
manderse at redhat.com
Wed Oct 26 15:40:53 UTC 2016
Hi Tomas,
Just some questions about terminology.
> My recommendation is that we will start with supporting ssh keys first
> as well and have the interface open to add other types of
> authentication methods.
>
> Github generally offers these methods[3]:
> 1. HTTPS cloning with OAuth tokens
> - probably too broad because you can access all repositories user
> has access to
> - doesn't need ssh protocol (some repositories can be only
> accessible through https, but that's rare)
>
> 2. Deploy keys
> - Allow you to have special ssh key just for one repository (or
> more
> if you want)
> - only for repository source code
>
> 3. Machine users
> - Regular account, using ssh key
> - You have to create them manually
Which of the three above is what Github call access tokens ?
(https://github.com/blog/1509-personal-api-tokens and
https://help.github.com/articles/creating-an-access-token-for-command-line-use/)
Is that what you call OAuth tokens ?
And around Deploy keys - I couldn't find a way to limit access to
specific repositories.
Got a link/screenshot where that happens ?
/max
http://about.me/maxandersen
More information about the almighty-public
mailing list