Comments (4)
To be more precise: the openid feature doesn't prevent downloading crates; nothing can prevent it as far as I know. It only allows a specific list of users to publish packages on the registry. The difference might matter for your use case.
A cargo registry has basically 2 locations where you might control read access:
- The URL of the backing repository that you put in your `.cargo/config.toml`. Basically what we do at my company is that we set the HTTP URL to the ktra-managed repo, and let git manage authentication (with the `use git with cli` flag or something) to that repo. That means you can control access to the registry with your org's git control.
- The URL listed in the config file within the repo you pointed to in your cargo config. This is trickier to use. We used to use this URL (pointing to `.crate` files that are build artifacts behind the GitLab API), but to support this flow, we had to patch Cargo to add support for adding arbitrary HTTP headers to the requests made to the `dl` endpoint. This was a chore to maintain, and not using this patched Cargo means that we need to make the crates fully public if you happen to know the URL, which was not acceptable for us.
The openid thing only controls push/ownership access, which is currently useful for us to have our own technical CI user to push crates, and to make it easier for anyone in the company to publish and use private packages when hacking on some PoCs.
from ktra.
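The two read paths described in the comment above, as an added example (not part of the thread or of ktra's code): a small Python check that reports what gates read access at the index URL and at the `dl` endpoint. The URLs are constructed placeholders, and `auth-required` is the index `config.json` key from Cargo's RFC 3139 support, which the thread refers to only by number.

```python
import json
from urllib.parse import urlsplit

# Constructed sample of the config.json at the root of a registry index;
# the host name is a placeholder, not a real ktra deployment.
SAMPLE_CONFIG_JSON = """
{"dl": "http://registry.example.internal/dl",
 "api": "http://registry.example.internal"}
"""


def read_access_findings(index_url, config_json):
    """List what actually gates read access at each of the two locations."""
    cfg = json.loads(config_json)
    findings = []

    # Location 1: the index URL from .cargo/config.toml.
    sparse = index_url.startswith("sparse+")
    scheme = urlsplit(index_url[len("sparse+"):] if sparse else index_url).scheme
    if sparse:
        findings.append("index: sparse HTTP index, git access control does not apply")
    else:
        findings.append("index: git repository, read access is whatever the git host enforces")
    if scheme in ("http", "git"):
        findings.append("index: %s:// transport is unencrypted" % scheme)

    # Location 2: the dl endpoint named inside the index.
    # "auth-required" is the config.json key from Cargo's RFC 3139 support
    # (an assumption here: the thread never shows it); without it Cargo
    # sends no token on download requests.
    if cfg.get("auth-required") is True:
        findings.append("dl: Cargo sends the registry token on downloads")
    else:
        findings.append("dl: no token sent, anyone who can reach the URL can download")
    if urlsplit(cfg["dl"]).scheme != "https":
        findings.append("dl: crate files travel without TLS")
    return findings


if __name__ == "__main__":
    for line in read_access_findings(
            "ssh://git@git.example.internal/registry/index.git", SAMPLE_CONFIG_JSON):
        print(line)
```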
@Stargateur, check out #30. It might be close to what you're looking for.
from ktra.
Thx for the detailed insight. I see the link; I guess limiting user creation / limiting who can upload crates would be nice too, thus it would be funny to see who would use a "public" registry with a private git repository index ^^. But that is indeed not what I need for now; you confirm that until the implementation of the RFC is done and released there is no simple way to do what I need.
Can't wait.
from ktra.
I have created PR #50 to require authorization for public APIs. I will start testing after the RFC #3139 implementation is merged into cargo.
from ktra.