Github:对私人存储库的只读访问
我正在 Github 上开发一些私人项目,我想将夜间 cronjobs 添加到我的部署服务器以从 github 提取最新版本。我目前正在通过在每个部署服务器上生成密钥对并将公钥添加到 github 项目作为“部署密钥”来实现此目的。
但是,我最近发现这些部署密钥实际上具有对该项目的写入权限。因此,每个服务器管理员都可能开始编辑。此外,我可以将每个部署密钥仅添加到一个存储库,而我希望能够在一台同一部署服务器上部署多个存储库。
有没有办法为 Github 上的选定用户提供私有存储库的只读访问权限?
I am developing some private projects on Github, and I would like to add nightly cronjobs to my deployments servers to pull the latest version from github. I am currently doing this by generating keypairs on every deployment server and adding the public key to the github project as 'Deployment key'.
However, I recently found out that these deployment keys actually do have write access to the project. Hence, every of the server administrators could potentially start editing. Furthermore I can add every deployment key to only one repository, whereas I would like to be able to deploy multiple repositories on one and the same deployment server.
Is there a way to provide read-only access for private repositories to selected users on Github?
如果你对这篇内容有疑问,欢迎到本站社区发帖提问 参与讨论,获取更多帮助,或者扫码二维码加入 Web 技术交流群。
绑定邮箱获取回复消息
由于您还没有绑定你的真实邮箱,如果其他用户或者作者回复了您的评论,将不能在第一时间通知您!
发布评论
评论(5)
2023 年 12 月 26 日对 GitHub 的回答:
其中:
myusername是您的 GitHub 用户名myproject是 Git 项目名称。github_pat_11AAJ3xxxxx是访问令牌。要生成访问令牌:
[ Settings >开发者设置>个人访问令牌>细粒度令牌]。生成新令牌,选择仅选择存储库并选择您要授予只读访问权限的私有存储库。“操作、管理、代码、代码空间和元数据”具有读取访问权限。Answer for GitHub on 2023-12-26:
Where:
myusernameis your GitHub usernamemyprojectis the Git project name.github_pat_11AAJ3xxxxxis the access token.To generate the access token:
[ Settings > Developer Settings > Personal Access Tokens > Fine Grained Tokens ].Generate New Token, selectOnly select repositoriesand choose the private repositories you want to grant read-only access to.Read accessto"actions, administration, code, codespaces, and metadata".我有权威人士认为(相对较新的)"组织" 功能允许您添加对私有存储库具有只读访问权限的人员。
I have it on good authority that the (relatively new) "Organizations" feature allows you to add people with read-only access to a private repository.
对于发现此问题的其他人,请知道现在您实际上可以创建只读部署密钥:
https:// /github.com/blog/2024-read-only-deploy-keys
您仍然可以创建具有写入权限的部署密钥,但在添加密钥时必须显式授予该权限。
For anyone else finding this question, know that nowadays you can in fact create read-only deploy keys:
https://github.com/blog/2024-read-only-deploy-keys
You can still create deploy keys with write access, but have to explicitly grant that permission when adding the key.
我知道问题是关于 github 的,但也许对于一些读者来说,知道这在 gitlab 中是可能的并且免费是可能的。检查 https://gitlab.com/help/user/permissions。我花了一些时间使用 github,但没有完全达到我的目的。如果我知道的话,我就会用 gitlab 开始这个特定的项目。
I know that the questions is about github but maybe for some readers it would be nice to know that this is possible in gitlab and for free. Check https://gitlab.com/help/user/permissions. I spend some time using github without fully serving my purposes. If I knew then I would have started this particular project with gitlab.
对于组织:
我建议专门为用户创建一个新团队。然后,该团队可以授予对您指定的存储库的只读访问权限。我希望这有帮助!
For Organizations:
I suggest creating a new team specifically for the user. This team can then grant read-only access to the repositories you specify. I hope this helps!