Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

support private repos by adding auth_token key to yaml #35

Open
wants to merge 1 commit into
base: master
Choose a base branch
from

Conversation

MennaEssa
Copy link

in order to support building applications with private dependencies , we've added support for github private repos by adding an extra auth_token key in the yaml file and sending it the in the authorization headers.

@micahsnyder
Copy link
Contributor

Hi @MennaEssa I'm so sorry I didn't see your PR until now. Wow it's been a long time. You're welcome to ping on PR's if needed!

I'll check this out now.

Copy link
Contributor

@micahsnyder micahsnyder left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

I imagine this works. But storing credentials in a file that goes in version control may get you in a lot of trouble, and it's not something you could use at all for recipes stored in a public repo, like https://github.com/Cisco-Talos/clamav-mussels-cookbook

It would be far safer to store the credential in an environment variable, and have the yaml provide Mussels at the environment variable name so Mussels could read the token from the environment variable.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Labels
None yet
Projects
None yet
Development

Successfully merging this pull request may close these issues.

2 participants