rafecolton / docker-builder

Docker builder builds Docker images from a friendly config file.
MIT License
80 stars 11 forks source link

Providing GitHub API token if building with webhook? #90

Open rafecolton opened 10 years ago

rafecolton commented 10 years ago

If no API token is provided to the build server itself, and the request comes through on a webhook as opposed to a request to /docker-build, it wouldn't be possible to clone down a private repo. Do we care? If so, proposed solutions?

meatballhat commented 10 years ago

I care :smiley_cat:

Why can't we accept an API token in the body of the webhook request? In the case of Travis webhooks, the entire .travis.yml is sent in the payload, so there's an opportunity to read the token from there in the case of private repositories that aren't encrypting the value.

rafecolton commented 10 years ago

Yeah, that would handle the above case, since it would not be necessary to encrypt the value in a private repo. Are there any standards around where in the .travis.yml to put the value?

meatballhat commented 10 years ago

It's nice to namespace your stuff, but that's about it.