[almighty] Almighty Build Service and Private repositories
Tomas Nozicka
tnozicka at redhat.com
Thu Oct 27 10:34:28 UTC 2016
Hi Max,
On Wed, 2016-10-26 at 17:40 +0200, Max Rydahl Andersen wrote:
> Hi Tomas,
>
> Just some questions about terminology.
>
> > My recommendation is that we will start with supporting ssh keys
> > first
> > as well and have the interface open to add other types of
> > authentication methods.
> >
> > Github generally offers these methods[3]:
> > 1. HTTPS cloning with OAuth tokens
> > - probably too broad because you can access all repositories
> > user
> > has access to
> > - doesn't need ssh protocol (some repositories can be only
> > accessible through https, but that's rare)
> >
> > 2. Deploy keys
> > - Allow you to have special ssh key just for one repository (or
> > more
> > if you want)
> > - only for repository source code
> >
> > 3. Machine users
> > - Regular account, using ssh key
> > - You have to create them manually
>
> Which of the three above is what Github call access tokens ?
> (https://github.com/blog/1509-personal-api-tokens and
> https://help.github.com/articles/creating-an-access-token-for-command
> -line-use/)
>
> Is that what you call OAuth tokens ?
Yes.
They are actually the same terms as Github uses in their documentation
which I have referenced as [3]; your response kind of cut it off so
here is the link once more:
https://developer.github.com/guides/managing-deploy-keys/
here is another detail:
https://help.github.com/articles/git-automation-with-oauth-tokens/
I hope this helps you.
>
> And around Deploy keys - I couldn't find a way to limit access to
> specific repositories.
> Got a link/screenshot where that happens ?
The screenshot is in the reference [3] as well.
https://developer.github.com/guides/managing-deploy-keys/
You add the public deploy key per repository.
>
> /max
> http://about.me/maxandersen
More information about the almighty-public
mailing list