ocdtrekkie
commented
6 years ago When you say "there is no authentication on the repo", is there not an API key as part of the URL?
Closed cbrulak closed 6 years ago
ocdtrekkie
commented
6 years ago When you say "there is no authentication on the repo", is there not an API key as part of the URL?
cbrulak
commented
6 years ago Actually, now i see there is. I misread the output from gitlab. For example:
echo url=https://XXX:YYYY@api-ID.NAME.sandcats.io/gitlab/repo.git | git -c credential.helper=store credential approve git clone -c credential.helper=store https://XXX@api-ID.NAME.sandcats.io/gitlab/repo.git repo_ayhbymae_RENAME_ME
But, is it possible to use ssh keys?
ocdtrekkie
commented
6 years ago Not currently, no. Sandstorm knows how to talk in HTTP APIs. Bear in mind that GitLab does not handle the authentication here, Sandstorm does. (Which is why GitLab vulnerabilities are extremely unlikely to impact the security of a Sandstorm-hosted instance.
In order to support other forms of access and authentication, Sandstorm's capabilities would need to be extended to support that type of communication. Or the app would need direct IP access, and to handle authentication itself.
cbrulak
commented
6 years ago I see,thanks.
I have my sandstorm instance protected by oauth via google sign (only my personal domain can access). When I create a new gitlab repo though I see the following:
Is this by design or did I miss something?
Thanks