Is there any to way to automatically upload the public key to Gitlab after generating the private/public key pair.
I want to automate these steps:
Open Gitlab and enter Settings-> SSH Keys. Then paste the public key and click the Add Key button to add.
You have a GitLab REST API endpoint which could be use to automate that step.
See User -- Add SSH key
POST /user/keys
with as a data:
{
"title": "ABC",
"key": "ssh-dss AAAAB3NzaC1kc3MAAACBAMLrhYgI3atfrSD6KDas1b/3n6R/HP+bLaHHX6oh+L1vg31mdUqK0Ac/NjZoQunavoyzqdPYhFz9zzOezCrZKjuJDS3NRK9rspvjgM0xYR4d47oNZbdZbwkI4cTv/gcMlquRy0OvpfIvJtjtaJWMwTLtM5VhRusRuUlpH99UUVeXAAAAFQCVyX+92hBEjInEKL0v13c/egDCTQAAAIEAvFdWGq0ccOPbw4f/F8LpZqvWDydAcpXHV3thwb7WkFfppvm4SZte0zds1FJ+Hr8Xzzc5zMHe6J4Nlay/rP4ewmIW7iFKNBEYb/yWa+ceLrs+TfR672TaAgO6o7iSRofEq5YLdwgrwkMmIawa21FrZ2D9SPao/IwvENzk/xcHu7YAAACAQFXQH6HQnxOrw4dqf0NqeKy1tfIPxYYUZhPJfo9O0AmBW2S36pD2l14kS89fvz6Y1g8gN/FwFnRncMzlLY/hX70FSc/3hKBSbH6C6j8hwlgFKfizav21eS358JJz93leOakJZnGb8XlWvz1UJbwCsnR2VEY8Dz90uIk1l/UqHkA= loic#call",
"expires_at": "2016-01-21T00:00:00.000Z"
}
Related
I want to set my API Key as a secret for my github hosted page of my repo.
The thing is I have this on my javaScript code:const apiKey = 'THE_API_KEY';
then I go to:
1.Settings tab at top of my repo
2.Secrets option near bottom of left-most column
3.New Repository Secret
4.I enter THE_API_KEY as the name of my secret
5.I enter my API Key value into the Value field an then click on Add Secret.
After I deploy my github website, it doesn´t work.
I know I am doing something wrong, can someone please tell me how to do it properly?
I have run ssh -T git#github.com to check my connection SSH connection, and I got the following result -
Hi e***! You've successfully authenticated, but GitHub does not provide shell access.
Now, this is not my GitHub user and I don't know how to change it.
To work with ssh or any asymmetric key encryption protocols, you should get a grasp of the concept of how public and private key pair works. Only until then, what I will say below makes sense:
The command ssh -T git#github.com shows the user who has added your public key to their account. What this command does is it sends your public key to Github's server, GitHub then tries to verify if you are actually the owner of this public key (by testing your private key with some encrypted data). If so, it finds the account in its database that associates with this public key and returns the result that you're seeing on the screen.
Should you be worried? No, because your public key is supposed to be public, and anyone could grab your key and unintentionally add that to their GitHub account. Other than you can access their GitHub's private repositories, they can do nothing to your computer or your GitHub account.
If you still have read and write access to your GitHub's repositories (e.g., git clone or git push), there's nothing else to do.
Edit:
If you've already added your public key to your GitHub account and ssh -T git#github.com still outputs their GitHub's account name, I think it's because GitHub finds their account first and return that right away.
I'm trying to follow this guide https://cloud.google.com/speech/docs/getting-started to call GAE speech to text api through curl. But it doesn't seem to work.
I've setup a project and enabled speech to text api. But then when I try to active the service account it fails. I've run diagnostics, tried different accounts, verified the json file (has email), tried gcloud beta init :-(
bash-3.2$ gcloud auth activate-service-account account#project.iam.gserviceaccount.com --key-file=project.json
ERROR: (gcloud.auth.activate-service-account) Failed to activate the given service account. Please ensure provided key file is valid.
The next step though 'gcloud auth print-access-token' returns a token.
But the final step (curl) returns this -
{
"error": {
"code": 403,
"message": "Google Cloud Speech API has not been used in project google.com:cloudsdktool before or it is disabled. Enable it by visiting https://console.developers.google.com/apis/api/speech.googleapis.com/overview?project=google.com:cloudsdktool then retry. If you enabled this API recently, wait a few minutes for the action to propagate to our systems and retry.",
"status": "PERMISSION_DENIED",
"details": [
{
"#type": "type.googleapis.com/google.rpc.Help",
"links": [
{
"description": "Google developers console API activation",
"url": "https://console.developers.google.com/apis/api/speech.googleapis.com/overview?project=google.com:cloudsdktool"
}
]
}
]
}
}
The problem seems to lie in the project(google.com:cloudsdktool instead of mine) used to authenticate the incoming request.
I'm guessing the call to activate-service-account is causing this?
You are getting the error message for google.com:cloudsdktool project because the command you ran with curl gcloud auth print-access-token was using your user account credentials (created by gcloud auth login) and not service account (as you point out that step failed for you).
The command to activate service account is correct (btw you do not need to provide the account, as one from the file will be used)
$ gcloud auth activate-service-account --key-file=project.json
Make sure your project.json is correct file in the right format format. You can create this json key file either in
in https://console.cloud.google.com/iam-admin/serviceaccounts/project?project=YOUR_PROJECT_NAME
gcloud iam service-accounts keys create, see reference guide.
The file will look like
{
"private_key_id": "....",
"private_key": "-----BEGIN PRIVATE KEY-----...-----END PRIVATE KEY-----\n",
"client_email": "...",
"client_id": "...",
"type": "service_account"
}
Note that client_email will be used for ACCOUNT in activate-service-account command.
Implementing a PHP Bitbucket API service for a website. One thing I need to do is give a bitbucket user (could be anyone at all as long as they have a bitbucket account) access to a private repository and be able to pull the repo down via composer.
Is this possible by the Bitbucket API?
Should I be giving the user just standard read access to the repo?
If thats the case what happens with SSH keys? How would I handle that?
OR should I use the deployment keys feature? Is this available via the API?
If you know of any documentation apart from the official ones that might highlight some of these features slightly better, it would be greatly appreciated.
Thankyou
To give a user access to a repository through the API: https://confluence.atlassian.com/display/BITBUCKET/privileges+Endpoint#privilegesEndpoint-PUTanewprivilege
If all you need is the ability to clone, then "read" permission is sufficient.
HTTPS vs SSH is orthogonal. Once a user has access, it is up to them to choose the protocol.
Deploy keys are another option is all you need to the ability to clone a repo over SSH (not HTTPS), but it sounds like that may not be a very good fit for what you're trying to do.
The user would need access to the repository... read access is fine
now since your repository is a private one, it's not hosted on packagist, i'm assuming...
so your composer config, well at least the way we do it in our workspace could be as follows:
{
"name" : "bitbucket-users-project-name",
"author" : "bitbucket-users-name",
"repositories": [
{
"type": "git",
"url": "git#bitbucket.org:your-username/your-repo-name.git"
}
],
"require" : {
"your-repo-composer--name" : "version.number.here"
}
}
for testing purposes you could use dev-master instead of version.number.here
now since you're using the ssh git url, that user would require their ssh key added to their own account
Since we've turned off passwords for security purposes, I was hoping there was a script or some other way to automatically add WHM authorized keys to account level ssh public keys and have them automatically authorized.
You muste be to create a script post create acct (/scripts/postwwwacct example) or standarized script. See more on https://documentation.cpanel.net/display/SDK/Guide+to+Standardized+Hooks+-+Script+Hooks