Github git: Difference between revisions
No edit summary |
|||
(3 intermediate revisions by the same user not shown) | |||
Line 17: | Line 17: | ||
</source> | </source> | ||
</blockquote><!-- Push/Pull with ssh key --> | </blockquote><!-- Push/Pull with ssh key --> | ||
== Deploy Keys == | |||
<blockquote> | |||
you can generate keys to provide read-only, or read-write access to a repo. | |||
<source lang="bash"> | |||
ssh-keygen -t ed25519 # a strong key | |||
</source> | |||
<source lang="yaml"> | |||
https://github.com/<you>/<repo>/settings/keys/new # url to add new deploykey | |||
</source> | |||
next we'll create entries within our ssh config for the repo. | |||
Create an `alias` for github.com, that will identify which deploykey you'll | |||
be using here. | |||
<source lang="ini"> | |||
Host <alias-for-your-repo> github.com | |||
HostName github.com | |||
IdentityFile /home/you/.ssh/deploykey | |||
User git | |||
</source> | |||
Finally, clone the git repository using your alias instead of github.com. | |||
<source lang="bash"> | |||
git clone <alias-for-your-repo>:<you>/<repo> | |||
</source> | |||
{{ NOTE | | |||
Your alias must be a word, not a full address. Some examples: | |||
* git will not recognize <code>myrepo:/you/myrepo</code> as an alias | |||
* your alias cannot resolve to your repo ex: <code>git clone {alias}</code> is not sufficient. You will need to use <code>git clone {alias}:you/repo</code>. | |||
}} | |||
</blockquote><!-- deploy keys --> | |||
== Submodule Authentication == | |||
<blockquote> | |||
* SSH keys provide access to specific repositories | |||
* PAT tokens should have expiry dates, which means manual intervention | |||
The least friction way of doing this is to use [[github-cli]] auto-generated PAT token and <code>gh auth login</code>. | |||
</blockquote><!-- Submodule Authentication --> | |||
</blockquote><!-- SSH Keys --> | </blockquote><!-- SSH Keys --> | ||
Line 52: | Line 97: | ||
</blockquote><!-- Find PR from commit --> | </blockquote><!-- Find PR from commit --> | ||
</blockquote><!-- Workflows --> | </blockquote><!-- Workflows --> | ||
= Firewall = | |||
<blockquote> | |||
== Getting github.com ip-address == | |||
<blockquote> | |||
github uses an unconventional setup for it's ip-addresses. Simply using a hostname resolves to just one of their | |||
possible servers. If you are creating firewall rules, you'll need to create them for each address range. Here is | |||
some code I've used to do this successfully in the past. | |||
{{ expand | |||
| python script to get github address ranges | |||
| | |||
<source lang="python"> | |||
import sys | |||
import json | |||
import os | |||
if sys.version_info[0] < 3: | |||
from urllib2 import urlopen | |||
else: | |||
from urllib.request import urlopen | |||
def get_github_urls(): | |||
""" | |||
Returns: | |||
list: ``[ '1.2.3.4/24', ... ]`` | |||
""" | |||
url = 'https://api.github.com/meta' | |||
reply = urlopen(url) | |||
if sys.version_info[0] < 3: | |||
status = reply.code | |||
else: | |||
status = reply.status | |||
if status != 200: | |||
raise RuntimeError('Unexpected reply: {}'.format(repr(reply))) | |||
# decode | |||
rawdata = reply.read().decode('utf-8') | |||
data = json.loads(rawdata) | |||
return data['git'] | |||
</source> | |||
}} | |||
See | |||
{| | |||
| stackoverflow question || https://superuser.com/questions/704230/what-ports-to-open-up-for-github-to-install-and-work | |||
|- | |||
| official docs on githug ip-addrs || https://help.github.com/en/articles/about-githubs-ip-addresses | |||
|} | |||
</blockquote><!-- Getting github.com ip-address --> | |||
</blockquote><!-- firewall --> |
Latest revision as of 15:15, 9 July 2022
SSH Keys
Push/Pull with SSH key
You'll need to change the github URL you are using.
git clone https://github.com/<Username>/<Project> # !!bad!! git clone git@github.com:<Username>/<Project> # good git clone github.com:<username>/<project> # also good (must specify user in ~/.ssh/config)You can quickly test authentication
ssh git@github.com -i ~/.ssh/githubDeploy Keys
you can generate keys to provide read-only, or read-write access to a repo.
ssh-keygen -t ed25519 # a strong keyhttps://github.com/<you>/<repo>/settings/keys/new # url to add new deploykeynext we'll create entries within our ssh config for the repo.
Create an `alias` for github.com, that will identify which deploykey you'll be using here.
Host <alias-for-your-repo> github.com HostName github.com IdentityFile /home/you/.ssh/deploykey User git
Finally, clone the git repository using your alias instead of github.com.git clone <alias-for-your-repo>:<you>/<repo>NOTE:
Your alias must be a word, not a full address. Some examples:
- git will not recognize
myrepo:/you/myrepo
as an alias- your alias cannot resolve to your repo ex:
git clone {alias}
is not sufficient. You will need to usegit clone {alias}:you/repo
.Submodule Authentication
- SSH keys provide access to specific repositories
- PAT tokens should have expiry dates, which means manual intervention
The least friction way of doing this is to use github-cli auto-generated PAT token and
gh auth login
.
Workflows
Importing existing repo
See hosting a git http server to share with github.
You can then use that to import your project.
Download single file
curl -O wget https://raw.githubusercontent.com/user/project/branch/filenameFind PR from commit
git log --merges --ancestry-path --oneline 9c34e5f6af..master \ | grep 'pull request' \ | tail -n1 \ | awk '{print $5}' \ | cut -c2- \ | xargs gh pr view -walternatively
git describe --all --contains <commit> # returns branch name
Firewall
Getting github.com ip-address
github uses an unconventional setup for it's ip-addresses. Simply using a hostname resolves to just one of their possible servers. If you are creating firewall rules, you'll need to create them for each address range. Here is some code I've used to do this successfully in the past.
python script to get github address ranges
import sys import json import os if sys.version_info[0] < 3: from urllib2 import urlopen else: from urllib.request import urlopen def get_github_urls(): """ Returns: list: ``[ '1.2.3.4/24', ... ]`` """ url = 'https://api.github.com/meta' reply = urlopen(url) if sys.version_info[0] < 3: status = reply.code else: status = reply.status if status != 200: raise RuntimeError('Unexpected reply: {}'.format(repr(reply))) # decode rawdata = reply.read().decode('utf-8') data = json.loads(rawdata) return data['git']See
stackoverflow question https://superuser.com/questions/704230/what-ports-to-open-up-for-github-to-install-and-work official docs on githug ip-addrs https://help.github.com/en/articles/about-githubs-ip-addresses