Changes between Version 1 and Version 2 of Ticket #4098, comment 17
- Timestamp:
- 2024-11-12T16:49:48Z (8 days ago)
Legend:
- Unmodified
- Added
- Removed
- Modified
-
Ticket #4098, comment 17
v1 v2 17 17 * There is an alternative way to create an org. on CircleCI using mostly email and password, but it involved a lot of manual steps and does not cover (easily) all the usual workflows (e.g.: PR from fork) 18 18 * CircleCI should checkout the code of a project using HTTPS, unless there is a private SSH key available in the CircleCI settings. 19 * There is at least 3 different way CircleCI can have that key setup:20 1. a CircleCI/Tahoe-LAFS admin user manually add an authorized private key (preferably a deploy keyunique to the project/repo)21 2. a CircleCI/Tahoe-LAFS admin gives (way too many) permissions to CircleCI/OAuth to automatically create and authorize a new key.19 * CircleCI propose 2 different ways to setup an SSH key for checkout: 20 1. a CircleCI/Tahoe-LAFS admin user manually add an authorized private key (preferably a '''deploy key''' unique to the project/repo) 21 2. a CircleCI/Tahoe-LAFS admin gives (way too many) permissions to CircleCI/OAuth to automatically create and authorize a new '''user key'''. 22 22 * However, we've found a few projects where there is currently no SSH key, maybe automatically removed by someone leaving the project (unlikely IMHO), and regardless, CircleCI tries and fails to checkout via SSH (`Load key "/tmp/nobody/.ssh/id_rsa": error in libcrypto`). 23 23 * As we are suspecting for other project, adding a new SSH key and removing it directly after seems to cleanup the dirt in the pipe and forces CircleCI to using HTTPS to checkout (WiP).