So, my question is:
How to access private repositories of Bitbucket/Github or any other online web-based version control repository hosting service.
Any feedback is most welcome.
Thanks
Steve Washer
I'll only speak for github as a daily github user. The only way to access them is either by being member of the repository or outside collaborator of the repository. Owner of the repo can add you to it in the repository Settings.
Another way is to ask any of the members to provide you the personal access token, which you could use to read the repository via the API. This is however, unsafe.
Yet another way is asking the repository owner or any repo user to add your public SSH key to his account so you may have repo access (clone, commit) without ability to view it on github.com
Summary: you always need to talk to the owner or any of the current repository members. Private repo will never be accessible otherwise.
Related
I have a github app that invoke Jenkins pipeline (in Enterprise github) which uses /api/v3/app/installations/${payload_installation_id}/access_tokens to create an access token.
I am able to clone repositories using that access token as long as they are public.
I ran into a problem where one of the repositories I'm using has submodules and one of the submodules are private.
What do I need to do to give this github app access to that private repository?
I did confirm that changing that repo to be public is solving the problem but there is a reason that repo need to be private.
One of our users create a private repository within and organisation on GitHub Enterprise. He added a collaborator, but this person get 404 error when trying to access the repo. I added my account to this repo and all works fine for me.
Added collaborator is in the same organisation, repo is visible on his profile, link to repo is fine too (it works for me and repo owner).
I was searching the answer in Internet, but no luck.
Do you have any idea, what can cause this situation?
This usually happens because the user who is having an issue's client isn't properly authenticating.
You can read more about it here: https://developer.github.com/v3/troubleshooting/
I was added as collaborator to a public GitHub repo and I was able to make changes to the main branch. A pull request was not generated, the changes just went right in. I am using Visual Studio 2015 as my client, for what it's worth.
Yes, it depends on the permission.
There are 4 types of permissions:
Read
Write
Admin
Owner
Note: Organization members with owner permissions have extensive permissions across all repositories in an organization.
See the permissions and associated actions at Repository permission levels for an organization and Collaborator access on a repository owned by a user account.
Yes, it is either your responsibility to properly follow process (i.e., create a branch and then create the pull request to merge to master / release / etc) or/and up to the repo owner to set up permissions so committing directly to master is not possible.
Yes, that's basically what collaborators are. :)
See Github - Collaborator access on a repository owned by a user account
Often, even if you have collaborator access/rights, you can choose to adopt a more kosher Git workflow, like creating a branch and a pull request for each 'thing' that goes into the main branch.
My organization has a private repo and we've brought on a few contractors and given them access to the code base.
These contractors have been forking the code base, and I wanted to evaluate the potential security implications of that.
Could any of these forkers make the code public if they choose to?
If their access is removed from the original project, will their access to the forked repo also be removed?
Could any of these forkers make the code public if they choose to?
Yes, they can push it to a new public Git repo (on GitHub or any other Git hosting service)
If their access is removed from the original project, will their access to the forked repo also be removed?
See "Removing a collaborator from a personal repository"
While forks of private repositories are deleted when a collaborator is removed, the person will still retain any local clones of your repository.
For a better security, contractors usually operate on PCs inside the organization through VPN. Those PCs can then limit or prevent internet access.
$ git push -u origin master
ERROR: Repository not found.
fatal: The remote end hung up unexpectedly
I'm quite sure the repository is there and I added it correctly. The problem may be that I am using two github accounts. One is my personal one and one is for a client. I'm trying to get it on the client's github as a private repository.
I am able to create a repository and push it to my personal github account. But I can't get it to push to my client's account.
You probably do not have permission to push to your client's repository. To get access, the easiest way would be if your personal GitHub account had access to your client's repository.
Ideally your client's account is a GitHub Organisation. That way, an arbitrary number of people can be given permission to access its features. Just add any account as an owner of the organization, or add an account to a team to give access to specific repositories.
If your client's account is not an organisation, you can give yourself access by adding your own account as a collaborator to the repository (in the repository admin settings). That gives you access to the repository from your own account.
If you are trying to use multiple ssh keys to login to different Github accounts depending on which repository you are pushing to, see Multiple GitHub Accounts & SSH Config. However, this is more difficult and is probably unnecessary.