Related to: https://pagure.io/fedora-infrastructure/issue/5964
Would it be possible to create a special user account with read/write access to /srv/groups/freeipa/ directory? We need it for our CI automation.
/srv/groups/freeipa/
Username: freeipa Password: random high-entropy password
freeipa
Thanks!
Actually, password authentication isn't necessary at all. An ssh keypair would be better.
You should be able to set this all up yourself.
Basically make a freeipa user in fas add them to the gitfreeipa group (this will give them write access there and access to fedorapeople because they have cla+1), setup ssh keys for them and upload them to fas.
Let us know if you run into any issues with it... I think it should just work. Feel free to re-open or just comment here if you have problems.
:green_heart:
Metadata Update from @kevin: - Issue close_status updated to: Fixed - Issue status updated to: Closed (was: Open)
For security reasons, we do not want this account to be a member of gitfreeipa group.
gitfreeipa
I found out we already have a FAS account we can use for this purpose (ipa-maint) . I can set up the SSH key and sign the CLA. Would it please be possible to:
ipa-maint
/srv/groups/freeipa
ipa-maint:gitfreeipa
Metadata Update from @tkrizek: - Issue status updated to: Open (was: Closed)
The user has been added to wikiedit for now. If we think of a better group, we can change, but for now I think this'll do as it doesn't give any additional privileges.
Metadata Update from @puiterwijk: - Issue close_status updated to: Fixed - Issue status updated to: Closed (was: Open)
Login to comment on this ticket.