info-beamer

Private repositories for packages

Since we are asking another query, hehe

I am trying to upload a private repository from github to upload a specific packet containing private keys and paths to an application that I cannot make public.

When trying to upload the SSH keys to Github it tells me that those keys have already been used in another account.

I imagine that this is because of something new that Github implements and for this reason it does not allow the key provided by Info-Beamer to be used for this purpose … is there any other way to solve it?

Thank you !

Yeah. Noticed that too. I’m not sure why it’s implemented in github this way (now?). The only reason I see is that you then know your key doesn’t allow access to anything else on github once you remove your public key. Bitbucket handles this differently and multiple users can add the same key.

Unfortunately there’s no workaround at the moment. I guess in the future there will be a “one public key per info-beamer account” feature added.

Ugh. I just realized that you cannot even add the same deploy key to different repositories within the same github account. Well, that’s odd[1]. And it complicates things quite a bit as that means you now need to manage multiple ssh keys per account. And that would require a completely new set of API calls. :-\

[1] I’m happy to learn why they think that’s a good idea. There is probably one. I’ve opened a ticket with github and will share any result.

Got a response from github:

It’s for security, if a private key is compromised, then only one repository is affected.

So there’s that. I guess that really means that support for private repositories on github means adding ssh key management to info-beamer. Hmpf.

Apparently the solution will be a bit more complex than usual.

It is not bad as many times it happens that a key needs to be shared and then, in case of loss, all the rest of the information would be compromised.

Although this leads to having to manage more keys, it assures us that if a key is made public, only it will be affected.

I think you could put a list of passwords at the user level and have each one handle its own … but hey, it’s daring of me and you are the one who really knows the complexity of this …

Just to tell you that the system has a very interesting potential, after a few days of testing I have only found some points to work on, but in general I like it a lot

Greetings

Now available: Custom SSH key support for git pulls from private repositories.

1 Like

I have not succeeded …

I have added the key in ‘Settings - Deploy keys’ of my repository and when executing the POST I get the following error.

{
     "error": "Cannot create package. Please try again later or get in contact if the problem persists"
}

Also I tried with other API options such as list, and even create an empty repository and that if I have managed to do it.

Any advice?

Which package source url did you try? Only ssh://git@github.com/something.git will use the SSH key. https based pulls do not use them for example.

Here I am testing …

I already tried with: HTTPS, SSH (git@github …)

None worked for me.

this is the error when trying to do it over HTTPS:

{
    "error": "Cannot update using git: git command run into an error. Make sure the repository url is correct and info-beamer hosted has access to the repository."
}

I am using Postman to be able to analyze the error. Do you use it? maybe you can pass me the file to import …

Thank you

Just to be sure: You’ve correctly specified the ssh_key_id=<whatever> argument to the /package/create POST request and the import url starts with ssh://git@github.com/<path>? If the ssh_key_id is missing, the default SSH key is used. If that’s not it, can you share the repository url by email (to hello@info-beamer.com), so I can look into the log to see what might be going on?

If that I have reviewed it … although it does not assure that you are not doing something wrong …

I send you mail so that you can see it.

info-beamer - Digital Signage for the Raspberry Pi community forum - Imprint