Open kierenevans opened 7 years ago
@andytson-inviqa would a Gist be OK? or prefer a more private way?
A private gist would be fine if it doesn't change when we need to update it. The URL for it shouldn't go in these repositories however. It's important however that the gist (or other http url) be owned by the organisation rather than an individual still, so will not be lost if staff leave
the gist or other shouldn't be editable by everyone who can view it though.
a raw link to an organisation git repo with a read-only token might be the way to do it
even better would be to have a proper SSO
HTTPLabs Auth0 middleware is really going to a good direction :)
We should start trying it out then :)
We have a list of IPs that should be able to bypass basic authentication. It would be nice to be able to configure this centrally instead of having to configure each deployment.