On Mon, Mar 30, 2020 at 8:13 AM Nicolas Mailhot via devel <devel@lists.fedoraproject.org> wrote:
On Sunday, 29 March 2020 at 23:47 -0400, Neal Gompa wrote:
As a General User I want to access repos fully over https For environments where SSH is blocked
I would be really curious if the Red Hat Infrastructure Security guys have changed their opinion on this after four years of blocking the development of this feature in Pagure. The two major reasons we don't have this in Pagure are:
Neal,
Security is the usual excuse not to implement stuff. That does not work when competing with others that did their homework. As you noted yourself, ssh access is not blameless either.
Gitlab and Github work in https mode. Pagure does not. End of story.
Expecting others to hole their security with corkscrew because of the ssh holy cow was never going to impress any third party.
You don't have to tell me, I already know. It was intentionally not implemented. And even with all that, we *do* have HTTPS through SSO on src.fp.o. We just don't have it on pagure.io. Don't expect it to be available with the move to GitLab. GitLab admins have a toggle they can use to disable HTTPS pushing for policy reasons, and I will strongly bet on it being flipped so that HTTPS pushing will not be available in our GitLab.