Closed achilleas-k closed 5 years ago
Micro-service now ensures that a readable key pair is installed for the user, and if not, then it generates a fresh pair and installs it to the user's GIN account.
Seems to be working (with some fixes) in #14.
Fixes:
chmod
the keys to 0x600
GIT_SSH_COMMAND
to use generated keys
When setting up the configuration for the user, the SSH key pair should be generated and set up automatically. The public part should be added to the user's profile (via the GIN API
/api/v1/user/keys
) and the private part should be stored on the GIN Proc server, accessible by the service. All clone steps can then reference the private key via a plugin for external secrets.The details of the secrets plugin need to be discussed further.