Private repos using github oauth tokens #387
Comments
|
@vektah Handling this well in a CI system is important to me. First, imports can have alternative VCS information. For example, import:
- package: github.com/myorg/privaterepo
repo: https://<username>:<token>@github.com/myorg/privaterepoThis should work today. For the package at that location locally the repo used will be the one here. But, a Instead, we need a way to supply overriding aliases that the CI system can supply with credentials. The CI system can securely store them. See #39, #372, and #380 to see where this is going. I'd like to have the alias system in place soon. What do you think? |
|
Ah thanks, that's perfect for now. Big ol' 👍 to the .gliderc idea, its in line with how other dependency managers work. Its great to see that there is some thought going into this. I'll close this as there seem to be other tickets covering the ongoing work. |
|
Are there any updates on this topic as I really need oath token support for github (as generated by Personal Access Tokens") |
In dev ssh keys are usually used to allow access to private repos, but in CI it can be a pain to manage ssh keys for github machine users with limited access.
I propose adding support for github oauth (https+basic auth). These oauth key works as the password, and can be managed at https://github.com/settings/tokens.
As a bonus, if an oauth key ever gets committed to a public repo github will revoke it automatically.
eg:
would fetch the git repo by doing:
and the glide.yaml would look like:
The text was updated successfully, but these errors were encountered: