[CentOS-devel] The Git forge decision (was CPE Weekly: 2020-03-28)

Mon Mar 30 12:17:25 UTC 2020
Neal Gompa <ngompa13 at gmail.com>

On Mon, Mar 30, 2020 at 8:13 AM Nicolas Mailhot via devel
<devel at lists.fedoraproject.org> wrote:
>
> Le dimanche 29 mars 2020 à 23:47 -0400, Neal Gompa a écrit :
> >
> > > As a General User
> > > I want to access repos fully over https
> > > For environments where SSH is blocked
> >
> > I would be really curious if the Red Hat Infrastructure Security guys
> > have changed their opinion on this after four years of blocking the
> > development of this feature in Pagure. The two major reasons we don't
> > have this in Pagure are:
>
> Neal,
>
> Security is the usual excuse not to implement stuff. That does not work
> when competing with others that did their homework. As you noted
> yourself ssh accesss is not blameless either.
>
> Gitlab and Github work in https mode. Pagure does not. End of story.
>
> Expecting others to hole their security with corkscrew because of the
> ssh holy cow was never going to impress any third party.
>

You don't have to tell me, I already know. It was intentionally not
implemented. And even with all that, we *do* have HTTPS through SSO on
src.fp.o. We just don't have it on pagure.io. Don't expect it to be
available with the move to GitLab. GitLab admins have a toggle they
can use to disable HTTPS pushing for policy reasons, and I will
strongly bet on it being flipped so that HTTPS pushing will not be
available in our GitLab.



-- 
真実はいつも一つ!/ Always, there's only one truth!