netlify / git-gateway

A Gateway to Git APIs
MIT License

Bypassing user authentication #15

Closed Cethy closed 6 years ago

Cethy commented 6 years ago

- Do you want to request a feature or report a bug? feature

- What is the current behavior? git-gateway requires an "authenticated user" via Identity (for every action AFAIK).

eg : {your.domain.name}/.netlify/git/github/ <- will return 401 "This endpoint requires a Bearer token"

- What is the requested behavior? git-gateway should be configurable to bypass the end-user authentication. (Or is it a bad practice I'm not aware of ?)

- Use-case : For the app I'm working on, whenever a visitor triggers a particular action, it calls a lambda function which will update a "cache" in the repository.

Cethy commented 6 years ago

Alright, realized the security issue. Taking another route :) (auth in the lambda function)

jinman commented 5 years ago

@Cethy We are also trying to do the same. Can you please let us know how you made this work ("auth in Lambda function")? We have a Cognito user pool for auth already, so we don't want any other authenticated user. Can you share your steps, please? Did you run Git Gateway on your own EC2 instance/Lambda?

Cethy commented 5 years ago

@jinman My use-case was really simple (update 1 file in a GitHub repo & only 1 GitHub user), so I ended up using https://github.com/octokit/rest.js, which mimics the GitHub REST API and comes with its limitations (multi-file commit was not possible at the time; I don't know if it was added in the past year).

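The code looks like this:

```js
// Assumes @octokit/rest v16 (default export, repos.updateFile)
import Octokit from '@octokit/rest';

const octokit = new Octokit({
  // auth
  auth: '' // gh_auth_token
});

octokit.repos.updateFile({
  owner: '', // gh_user_name
  repo: '',  // gh_repo_name
  // commit
  path: filePath,
  message: message,
  content: Buffer.from(fileContent).toString('base64'), // the API expects base64
  sha: currentSha // blob SHA of the file being replaced
});
```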

Hope it helps.
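An added illustration of the "auth in the lambda function" route discussed in this thread (not code from any commenter or from git-gateway): a handler that verifies an RS256 bearer JWT, the kind a Cognito user pool issues, before doing a server-side write to one fixed file. `verifyJwt`, `makeHandler`, the payload fields and the injected `updateFile` and `target` are assumptions; the public key is taken as already loaded from the issuer.

```javascript
const crypto = require('crypto');

// Verify an RS256 JWT against a known public key; returns the claims or null.
function verifyJwt(token, publicKeyPem, issuer, nowSec) {
  const parts = String(token).split('.');
  if (parts.length !== 3) return null;
  let header, claims;
  try {
    header = JSON.parse(Buffer.from(parts[0], 'base64url').toString());
    claims = JSON.parse(Buffer.from(parts[1], 'base64url').toString());
  } catch (e) {
    return null;
  }
  // Pin the algorithm; never let the token's own header choose it.
  if (!header || header.alg !== 'RS256') return null;
  const signed = Buffer.from(parts[0] + '.' + parts[1]);
  const sig = Buffer.from(parts[2], 'base64url');
  if (!crypto.verify('RSA-SHA256', signed, publicKeyPem, sig)) return null;
  if (!claims || claims.iss !== issuer) return null;
  if (typeof claims.exp !== 'number' || claims.exp <= nowSec) return null;
  return claims;
}

// Hypothetical handler factory: `updateFile` is the server-side GitHub call and
// `target` fixes owner/repo/path, so the caller cannot choose what is written.
function makeHandler({ publicKeyPem, issuer, target, updateFile }) {
  return async function handler(event) {
    const auth = (event.headers || {}).authorization || '';
    const m = /^Bearer (\S+)$/.exec(auth);
    const now = Math.floor(Date.now() / 1000);
    const claims = m && verifyJwt(m[1], publicKeyPem, issuer, now);
    if (!claims) return { statusCode: 401, body: 'This endpoint requires a Bearer token' };

    let input;
    try { input = JSON.parse(event.body); } catch (e) { input = null; }
    const valid = input && typeof input.content === 'string' &&
      input.content.length <= 4096 && /^[0-9a-f]{40}$/.test(input.sha);
    if (!valid) return { statusCode: 400, body: 'invalid payload' };

    await updateFile({
      ...target, // owner, repo and path come from configuration only
      message: 'cache update',
      content: Buffer.from(input.content).toString('base64'),
      sha: input.sha,
    });
    return { statusCode: 200, body: 'updated' };
  };
}
```

The GitHub token stays inside `updateFile` on the server, and any `path`, `owner` or `repo` field in the request body is ignored.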

amitgandhinz commented 5 years ago

@jinman did you figure out how to get git-gateway working with Cognito? I am also looking at trying to run git-gateway on Lambda and hooking it up to Cognito rather than running GoTrue.