GIT - Github, Gitea, Gitlabs. Everything git

321 readers

1 users here now

A place to everything git!

Rules

Be civilised.
Avoid going off topic.
No slurs, harassement, racism or any other type of descrimination.

Cross-posts

!selfhost@lemmy.ml is allowed!
!docker@lemmy.ml is allowed!
!portainer@lemmy.ml is allowed!
!selfhosted@lemmy.ml is allowed!
!gitlab@lemmy.ml is allowed!

Sidebar updates soon!

founded 3 years ago

MODERATORS

Zoe8338@lemmy.ml

[solved] best way to grant access to a single repository? (lemmy.kde.social)

submitted 1 year ago* (last edited 1 year ago) by tubbadu@lemmy.kde.social to c/everything_git@lemmy.ml

4 comments fedilink hide all child comments

hello! For University I need to use a remote machine with a very very VERY weak password I cannot change, and I have to use that machine to edit some code with a few other students of my team. All the code should then be pushed to a repo of my personal github. I'd like to be able to grant access to only that repo, so that if someone guesses the password it cannot touch my other stuffs. What options do I have?

[SOLVED] EDIT:
as suggested by @elliot_crane@lemmy.world I created a github fine grained access token setting its only permission as read/write only that repo. Then I cloned the repo on the remote machine and set the url to include the token:

git remote set-url origin https://myusername:MYTOKEN@github.com/myusername/myrepo.git

I then set the user and email:

git config user.name myusername
git config user.email my@email.com

and voilà! I can now simply push without any password requested! And in case someone gained access to the token (that is stored in plain text inside the .git folder) it would only grant access to that specific repo, limiting the damages

top 4 comments

sorted by: hot top controversial new old

[–] elliot_crane@lemmy.world 2 points 1 year ago (2 children)

Take a look at fine grained personal access tokens on GitHub, and this SO thread that discusses using them over HTTPS. In theory this should allow you to make a token that can only access the one remote repository, for a temporary duration you define (you could set this to end shortly after your semester for instance). I’ve never personally set this up so YMMV, but this seems to be the right way to achieve what you want.

[–] tubbadu@lemmy.kde.social 2 points 1 year ago (1 children)

It worked great! exactly what I was looking for, thank you very much!

[–] elliot_crane@lemmy.world 2 points 1 year ago

Glad to hear, good luck with your project.

[–] tubbadu@lemmy.kde.social 1 points 1 year ago

Seems really promising! I'll try and let you know if it worked as I wish it will! Thanks!