Table of Contents
When you’re working as a software engineer on a proprietary product, it is not unlikely that you want or have to use a private Git repository.
Pulling stuff from a private repo directly to your local machine has become fairly trivial. All you need to do is generate an ssh key-pair, save the public key with your Git provider and add the private key to your ssh-agent.
Now, here's where things get hairy. You'd think that DevPod could use that same ssh key to pull from that same private repo. But when you try to start up a workspace from a private git repository, you might bump into an error like this:
So, what's the secret sauce to get DevPod in on the private repo action?
One option could be giving DevPod an access token. Although we could keep our username and token in the .gitconfig, that's a potential leak waiting to happen. Since it is stored in plaintext, it could easily be read and stolen by a rogue npm package for example.
Lucky for us, some brainy folks out there introduced the gitcredentials helper to help solve this problem. We recommend using the git credential manager so you don’t have to write your own implementation.
Once authenticated successfully, your credentials are stored in your system, e.g. on the MacOS keychain or in the Windows credential manager and will be used every time you interact with the repository (i.e git clone, pull, push etc) via an HTTPS URL.
To summarize, the git credentials manager uses a system-specific secure way to store credentials and only sends them over secure HTTPS connections.
After installation, Git will use the manager implicitly to look up the needed credentials.
Now, let's dive into the setup and connect DevPod to our private repos.
GitHub repositories
GitLab repositories
The flow for Gitlab is very similar to this.
In a nutshell, armed with the Git credential manager, your DevPod can now gracefully access private repositories, keeping your credentials snug and secure, while you confidently navigate the world of software development with peace of mind.
If you have further questions or comments, make sure to join our community Slack on slack.loft.sh, where you can chat to users and maintainers.
