I have a private repo and want to keep it private but would like to have a release that is publicly accessible. The doc's doesn't give more hint's on it and it seems like that I would need to make the project itself public. Can someone confirm that?
Edit: It's not possible on github, without a workaround, probably same goes for gitlab.
I confirm my workaround for GitHub would need to be applied for a private GitLab repo:
a separate public repo
empty commits to which you can associate a release
The problem remains: a private repo is private for all its elements, including its releases.
The other approach would be to publish the releases in a public artifact repository (like maven.org for jars/wars for example): that depends on the nature of your project.
Related
So, I have a private library that I am building, I plan on publishing it after I get my research paper published and the work is in the alpha stage. I need to keep the algorithm private and so I am working on a private repository in "Gitlab.com". Now, I have seen that we can use "gitlab-ci" even for private repositories but I am having trouble understanding the "shared runners" concept.
what I think is that these runners run our code with other code with a similar configuration in a queue. I am not sure if that is completely correct.
Is my code still private when I use "gitlab-ci" with a private repository in "Gitlab.com"? or can it be accessed somewhere/somehow publicly?
I have this private repository in Gitlab.com it is not Gitlab enterprise edition
Answer: No, your code will not be accessible publicly.
Gitlab runner clones your repo using an access token and then runs the ci steps.
If you build using docker images, your code will be completely cleaned up when the ci steps are complete. Because the docker container will be cleaned up immediately.
If you use normal runner, gitlab runner does cache your code, but I don't think that is a concern, because there is no public access to these caches.
I have a private repository on gitlab.com, i.e. not my own hosted GitLab instance, which has git submodule which is a private repository on gitlab.com. I added the submodule and changed the URL in .gitmodules according to Getting GitLab CI to clone private repositories which makes the cloning work when using shared runners from gitlab.com. I'd like to use a specific runner which runs under my desk for no specific reasons (the runner works fine for public projects).
I went through
https://docs.gitlab.com/ee/user/permissions.html
https://docs.gitlab.com/runner/security
https://docs.gitlab.com/ee/user/project/new_ci_build_permissions_model.html
and tried changing the remote URL to git clone https://<username>:<private-token>#gitlab.com/[my username]/[my submodule project name].git following some issue reports. I'm still not sure whether that's the deprecated way of allowing runners to clone or not.
I don't find any explanation for permissions for runners which are configured from a user perspective (in the sense that I'm not the admin of gitlab.com). All linked articles are missing crucial examples, distinction between target group of users and admin and version references and thus might be outdated or not.
It's necessary to add
variables:
GIT_SUBMODULE_STRATEGY: recursive
like described in https://stackoverflow.com/a/42224451/1797006 although its use isn't obvious. Then the specific runner which can be located anywhere has permissions to clone the private repository.
OpenShift seems to encourage developers to push a repo directly to OpenShift, which is pretty convenient. If an application (using node.js, but that probably doesn't matter much for this question) has mostly public files, but a few private files for things like DB passwords, external api keys, license keys, New Relic config, etc., what is the recommended way of deploying?
One idea that comes to mind is to have 1 public repo, 1 private repo, and a deploy script that puts everything together, commits to a separate private deploy repo, and then push that deploy repo to OpenShift.
This seems like it would be a common use case though, so perhaps the deploy script with extra repo is unnecessary if OpenShift already has a process for this.
The recommended way is to use environment variables for things like db passwords and keys. And unless you are also copying your code to a public github repo, then everything you push to your OpenShift hosted git repo is private to just you.
I have a project I'm currently working on, which I am contemplating making open source, but I definitely want to keep it closed-source for the time being. Inside this project, I have a sort of subproject that I want to make public, so anyone can access/fork it.
So here's what I want:
A mercurial SCC with:
Repo 1: All files from /dir/project/ - Private repo, requires username/password to pull/push/fork/browse etc.
Repo 2: Some files from /dir/project/stuff - Public repo, but requires username/password to modify.
How can I do this? Is there a better way I can do this? I'm using my shared hosting Linux environment to do this, so is symbolic linking a better idea?
I'm open to all suggestions thanks, still a bit of a HG newbie.
You should use "subrepository" to define the two parts of your project:
your parent repo would be the private one, with a reference (in a .hgsub file) to your public repo ()
your public repo woud be stored in a public referential, with no knowledge of the private part.
(No symlink necessary here)
See also in the same kind of problem the SO question "Mercurial Subrepos - How do you create them and how do they work?".
Subrepositories is a feature that allows you to treat a collection of repositories as a group. This will allow you to clone, commit to, push, and pull projects and their associated libraries as a group.
How do we make a project private in Gitorious? Does Gitorious support it at all? I searched around but couldn't find anything useful, except that Gitorious doesn't seem to have a private mode for projects. Thanks in advance.
If you really need private repositories, and you are looking for a free alternative, try BitBucket. Unlimited private repositories, for free!
It's not possible in Gitorious at the moment/maybe never. There is an outstanding merge request at the moment here but there is no update as to when it will hit the mainline (i.e. Gitorious.org).
If you want private repositories then you need to host Gitorious yourself - it's easy enough to install, and then make the entire install private.
Gitorious now has support for private repos. Get the latest version and add enable_private_repositories: true to config/gitorious.yml. The Gitorious wiki page is https://gitorious.org/gitorious/pages/PrivateRepositories.
There is a fork of Gitorious called YouSource which has private repositories. The repo is here and there's also a detailed installation guide for it.
As of Nov 2011, there is a new supported Private Repositories feature being planned, keep tracking of it and support if you can.
Also note that, the private repository feature may be only enabled if you have a local installation.
As of version 2.2.0, Gitorious supports private repositories. You should check out private-repos branch and you will be able to create private repositories.
More details can be seen in wiki page https://gitorious.org/gitorious/pages/PrivateRepositories