Comments (15)
建议,现在阶段先手动到服务配置 SSH Key:https://docs.github.com/en/[email protected]/github/authenticating-to-github/connecting-to-github-with-ssh/generating-a-new-ssh-key-and-adding-it-to-the-ssh-agent
后续再完善这个功能:
相关的功能参考:https://stackoverflow.com/questions/37331571/how-to-setup-ssh-keys-for-jenkins-to-publish-via-ssh
代码:https://github.com/jenkinsci/publish-over-ssh-plugin
from archguard.
更换为OAuth application 授权的方式是否会更好,避免配置密码,同时又拥有权限
from archguard.
其实,很难配置成 OAuth 的,Clone 的这一部分主要参考的是 GoCD/Jenkins 这一类的持续集成工具,好像业内没有这么实现的。但是,他们都会把鉴权做成插件化。
from archguard.
OAuth 确实不太准确, 权限这块主要是和用户关联的,可以调整为每个用户可以配置多个AccessToken (也可以是账号密码), 项目拉取时可以选择使用哪个token 去拉取项目 , 如果用户的权限有调整,只需修改统一的Token 就可以了
from archguard.
现有的设计里,每个项目是独立的,都有自己的用户名和密码。主要还是在设置时候的问题,要考虑一下安全性。但是,我看到很多公司内部的持续集成工具,实际上是有一个超级只读权限的账户。
from archguard.
是的,公司内部的项目,使用用户的权限会遇到很多问题,比如人员离职后,权限失效导致项目不能构建;
这个issue里面对的主要问题在于不同的项目需要重复配置账号,相当于重复代码,将重复的部分提取出来就可以了
from archguard.
嗯,就这个情况的话,估计得加个配置。主要是又会涉及到一个公司里面,可能有有多个不同团队使用 ArchGuard 的情况,相互能不能相互查看。
from archguard.
不同团队间,需要类似命名空间的东西, 属于同一个应用的微服务放入同一个空间,同一个空间内的可以互相查看,不同空间的查看需要授权, 这样下来,用户管理,权限相关的工作量也是比较大的
from archguard.
估计只能先 hold,等治理部分差不多结束了,再开始了。
from archguard.
我们公司内部gitlab全是ssh key方式,没有passwd。希望赶快出ssh key功能
from archguard.
@kinghu88 要来试试吗?
from archguard.
@phodal 我就一个k8s运维,没有开发经验。估计帮不上什么忙的。大佬要出helm chart包不?
from archguard.
哦,哦,那只能后面再看了,现在真抽不出空。因为,让系统更有用,才是更重要了。
from archguard.
子系统分析->新增系统 (写入仓库密码),第二次修改系统信息,如果修改密码以外的其他内容提交后,密码会丢失
from archguard.
move to archguard/codedb#4
from archguard.
Related Issues (20)
- Gradle plugin for CLI HOT 1
- 扫描 TypeScript 时,Scanner 出错 HOT 1
- Refactoring Scanner2 Domain package
- Invalid or corrupt jarfile scanner_cli.jar HOT 14
- columns in GROUP BY clause HOT 2
- 没有“依赖分析” HOT 2
- docker-compose 启动archguard-backend报错
- Why still error happened when i changed the mysql address to ip? HOT 1
- 您好,能够出一份详细的使用视频教程? HOT 4
- database-map页面引用错误 HOT 2
- error when scanning :Unauthorized: 401 Unauthorized: "{"code":"unauthorized","message":"unauthorized access"}"] with root cause299936 HOT 1
- error when sca-dependencies in windows for Illegal character in query at index HOT 1
- 你好,未来是否支持添加关联功能自动生成单元测试、集成测试用例提高测试覆盖率的功能 HOT 1
- 公司不支持用户名密码登录,当前gitlab系统关闭basic密码认证访问,仅支持ssh key和personal accesstoken方式访问gitlab上项目,其中token身份验证为https方式访问,这种怎么提交系统扫描基本信息 HOT 1
- Return 500 when clicking search button in '趋势与订阅' HOT 2
- error :org.archguard.scanner.ctl.client.ArchGuardHttpClient.saveGitLogs HOT 4
- Scanner Cli not capturing comments at class level and function level HOT 8
- 关于 analyser_diff_changes-2.1.4-all.jar 的使用问题 HOT 3
- Archguardb部署之后扫描项目失败-日志显示两个错误 HOT 2
- About the Architecture Indicators ,where could I find the logic impletement source? HOT 1
Recommend Projects
-
React
A declarative, efficient, and flexible JavaScript library for building user interfaces.
-
Vue.js
🖖 Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.
-
Typescript
TypeScript is a superset of JavaScript that compiles to clean JavaScript output.
-
TensorFlow
An Open Source Machine Learning Framework for Everyone
-
Django
The Web framework for perfectionists with deadlines.
-
Laravel
A PHP framework for web artisans
-
D3
Bring data to life with SVG, Canvas and HTML. 📊📈🎉
-
Recommend Topics
-
javascript
JavaScript (JS) is a lightweight interpreted programming language with first-class functions.
-
web
Some thing interesting about web. New door for the world.
-
server
A server is a program made to process requests and deliver data to clients.
-
Machine learning
Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.
-
Visualization
Some thing interesting about visualization, use data art
-
Game
Some thing interesting about game, make everyone happy.
Recommend Org
-
Facebook
We are working to build community through open source technology. NB: members must have two-factor auth.
-
Microsoft
Open source projects and samples from Microsoft.
-
Google
Google ❤️ Open Source for everyone.
-
Alibaba
Alibaba Open Source for everyone
-
D3
Data-Driven Documents codes.
-
Tencent
China tencent open source team.
from archguard.