[almighty] Almighty Build Service and Private repositories
Max Rydahl Andersen
manderse at redhat.com
Thu Oct 27 12:03:33 UTC 2016
>>> 3. Machine users
>>> - Regular account, using ssh key
>>> - You have to create them manually
>>
>> Which of the three above is what Github call access tokens ?
>> (https://github.com/blog/1509-personal-api-tokens and
>> https://help.github.com/articles/creating-an-access-token-for-command
>> -line-use/)
>>
>> Is that what you call OAuth tokens ?
> Yes.
> They are actually the same terms as Github uses in their documentation
> which I have referenced as [3]; your response kind of cut it off so
> here is the link once more:
> https://developer.github.com/guides/managing-deploy-keys/
> here is another detail:
> https://help.github.com/articles/git-automation-with-oauth-tokens/
>
> I hope this helps you.
it does - they seem to mix oauth tokens wit access tokens rather
liberally which
confused me at first.
>> And around Deploy keys - I couldn't find a way to limit access to
>> specific repositories.
>> Got a link/screenshot where that happens ?
> The screenshot is in the reference [3] as well.
> https://developer.github.com/guides/managing-deploy-keys/
> You add the public deploy key per repository.
Got it - I was looking under my own personal ssh keys, and expecting
deploy keys to
be what I would manage - but instead it is per repo thus you'll have to
set the deploy key multiple times if need be.
Makes sense - and now I got it :)
And now I grok that the interesting part is that the public key on
GitHub is not a private thing
but almighty need to somehow give the build service access to the
private key before we can
even look into the repo.
/max
http://about.me/maxandersen
More information about the almighty-public
mailing list