Use HTTPS instead of SSH for Git Submodules #7576
Replies: 2 comments 4 replies
-
|
RMs need to be able to write to submodules in a couple of places: That being said, it would be easy enough to add a step in those instructions to add a step changing the submodule url to include a username/password, or switching to git temporarily. |
Beta Was this translation helpful? Give feedback.
-
|
So you'll change to HTTPS and instruct RMs to use |
Beta Was this translation helpful? Give feedback.
-
|
I think that makes the most sense. I was going to check how new of a git version was required before filing the pr, because it's easy enough to switch back and forth manually with a few copy and pasted lines. Either way, it's effectively the same thing. One is just way easier than the other :) |
Beta Was this translation helpful? Give feedback.
-
|
When we reference submodules in our internal repos, we use relative URLs in This, however, would require everyone who forks the repo to also fork the referenced modules in case they need to clone those from within their fork or to adjust the URLs and maybe have more side effects. But it most likely would solve the CI/CD issues @mtneug described and would also cover the use case @gregorydlogan mentioned. |
Beta Was this translation helpful? Give feedback.
-
|
mmh interesting. Wouldn't work for me personally, because I rename forked repos. Also, one downside would be that the forked submodules need to be kept updated with all referenced commits. Not sure if I prefer this solution. |
Beta Was this translation helpful? Give feedback.
-
|
Yep exactly. This smells like something that works for a specific config, but not all. I also rename repositories, and wouldn't want to make people who fork Opencast be required to fork the rest of the repos. |
Beta Was this translation helpful? Give feedback.
Uh oh!
There was an error while loading. Please reload this page.
-
Currently, the Git submodules reference the repositories using SSH, i.e.
[email protected]:opencast/{mod}[1]. This is an advantage for release managers who potentially need to work within the submodules. Day-to-day Opencast developers probably don't care as they have a configured SSH connection togithub.com. However, for anybody else without such a configuration or for CI/CD environments this becomes a hindrance. After cloning the repository, the.gitmodulesneeds to be altered and pointed to the publicly available HTTPS URL, i.e.https://github.com/opencast/{mod}.git. I had to change the container image build files accordingly to prevent failures.IMO, users should be able to clone Opencast without having exchanged keys with GitHub. Therefore, I would urge using HTTPS instead of SSH. I'm not quite sure what operations release managers need to perform within the submodules, however, I would guess there are ways to do so while still using HTTPS (e.g. have a second clone of the module, use HTTPS with username and password).
[1] see .gitmodules.
Beta Was this translation helpful? Give feedback.
All reactions