tonypiper
commented
7 years ago @andytson-inviqa would a Gist be OK? or prefer a more private way?
Open kierenevans opened 7 years ago
tonypiper
commented
7 years ago @andytson-inviqa would a Gist be OK? or prefer a more private way?
andytson-inviqa
commented
7 years ago A private gist would be fine if it doesn't change when we need to update it. The URL for it shouldn't go in these repositories however. It's important however that the gist (or other http url) be owned by the organisation rather than an individual still, so will not be lost if staff leave
andytson-inviqa
commented
7 years ago the gist or other shouldn't be editable by everyone who can view it though.
andytson-inviqa
commented
7 years ago a raw link to an organisation git repo with a read-only token might be the way to do it
andytson-inviqa
commented
7 years ago even better would be to have a proper SSO
sroze
commented
7 years ago HTTPLabs Auth0 middleware is really going to a good direction :)
richardmiller-zz
commented
7 years ago We should start trying it out then :)
We have a list of IPs that should be able to bypass basic authentication. It would be nice to be able to configure this centrally instead of having to configure each deployment.