feat(configuration/git): add SSH authentication documentation #141

Merged
merged 5 commits into from
Oct 31, 2023
20 changes: 12 additions & 8 deletions configuration/overview.mdx
Expand Up @@ -170,14 +170,18 @@ These properties are as follows:

#### Storage Git

| Property | Description | Default | Since |
| ----------------------------------------- | ----------------------------------------------------------- | ------- | ------- |
| storage.git.repository | The URL of the git repository to use | | v1.25.0 |
| storage.git.ref | The git ref to use | main | v1.25.0 |
| storage.git.poll_interval | The interval to poll the git repository and ref for changes | 30s | v1.25.0 |
| storage.git.authentication.basic.username | The username to use for basic authentication | | v1.25.0 |
| storage.git.authentication.basic.password | The password to use for basic authentication | | v1.25.0 |
| storage.git.authentication.token | The access token to use for authentication | | v1.25.0 |
| Property | Description | Default | Since |
| ------------------------------------------------------- | ----------------------------------------------------------- | ------- | ------- |
| storage.git.repository | The URL of the git repository to use | | v1.25.0 |
| storage.git.ref | The git ref to use | main | v1.25.0 |
| storage.git.poll_interval | The interval to poll the git repository and ref for changes | 30s | v1.25.0 |
| storage.git.authentication.basic.username | The username to use for basic authentication | | v1.25.0 |
| storage.git.authentication.basic.password | The password to use for basic authentication | | v1.25.0 |
| storage.git.authentication.token | The access token to use for authentication | | v1.25.0 |
| storage.git.authentication.ssh.password | Password used to generate the SSH keypair | | v1.30.0 |
| storage.git.authentication.ssh.private_key_path | Path to private key on the filesystem | | v1.30.0 |
| storage.git.authentication.ssh.private_key_bytes | (Alternative) Raw private key bytes | | v1.30.0 |
| storage.git.authentication.ssh.insecure_ignore_host_key | Skip verifying the known hosts key (avoid in production) | false | v1.30.0 |

#### Storage Object
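
Review bot: The description added for `storage.git.authentication.ssh.password`, "Password used to generate the SSH keypair", does not tell the reader what the value is for when Flipt loads the key. If it is the passphrase that protects the private key, say so directly (for example "Passphrase protecting the private key") and state whether it may be left empty for an unencrypted key. The rows for `private_key_path` and `private_key_bytes` should also say that exactly one of them is expected and what happens if both are set; "(Alternative)" alone leaves that open.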

30 changes: 29 additions & 1 deletion configuration/storage.mdx
Expand Up @@ -205,7 +205,7 @@ Flipt will follow the configured reference (e.g. branch name) and keep up to dat
#### Authentication

Authentication enables the ability to leverage private Git repositories as flag state backends.
The `git` type backend supports both `basic` and `token` based authentication schemes.
The `git` type backend supports both `basic`, `token` and `ssh` based authentication schemes.

**GitHub**
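
Review bot: "supports both `basic`, `token` and `ssh` based authentication schemes" keeps "both" from the two-scheme sentence it replaces, which no longer fits a list of three. Suggest "supports `basic`, `token` and `ssh` based authentication schemes".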

Expand All @@ -229,6 +229,34 @@ storage:
password: < github-personal-access-token >
```

**SSH**

In order to configure Flipt with SSH, you will need to generate an SSH key-pair and configure your repository provider with the public key.
GitHub has some excellent documentation regarding how to generate and install you credentials [here](https://docs.github.com/en/authentication/connecting-to-github-with-ssh).

Once you have your private key credentials you will need to configure Flipt to use them.
This can be done via the `storage.git.authentication.ssh` configuration section:

```yaml
storage:
type: git
git:
repository: [email protected]:flipt-io/some-private-repo.git
authentication:
ssh:
password: flipt
private_key_path: private-key.pem
# private_key_bytes: <raw-key-bytes> # alternatively pass the raw bytes inline
insecure_ignore_host_key: true
```

<Warning>
`insecure_ignore_host_key` is not encouraged for production use, and is
`false` by default. Instead, you are advised to put the key fingerprint in the
known hosts file where you are running Flipt. For example, for Github you can
do `ssh-keyscan github.com >> ~/.ssh/known_hosts` on the Flipt host.
</Warning>

See our [GitOps Guide](/guides/get-going-with-gitops) for an example of how to set up a GitHub repository as a flag state backend.

### Object
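
Review bot: The YAML example in the new SSH section sets `insecure_ignore_host_key: true`, which the `<Warning>` directly below it says is not encouraged for production use. Examples get copied verbatim, so the sample should omit the key (it is `false` by default) or set it to `false`, and leave the insecure variant to the warning text. The suggested `ssh-keyscan github.com >> ~/.ssh/known_hosts` records whatever key the network returns without authenticating it, so the warning should tell readers to compare the result with the fingerprints GitHub publishes before trusting it. Minor: "install you credentials" should be "install your credentials", and "Github" in the warning should be "GitHub".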