Hacker Newsnew | past | comments | ask | show | jobs | submitlogin

Pretty angry that Github have made this change with no mechanism for adding machine users without paying a per month charge. It seems like a key feature, which is currently horribly painful to manage and now expensive.

How does everyone else create credentials that CI can use to checkout code?



Both Travis and Circle automatically install a deploy key into the project. It doesn't require additional machine users.


That's fine if you have a single repo, but CI normally needs to access lots of different repos. GitHub's documentation describes why you need machine users for anything but the most trivial deployment.

https://developer.github.com/guides/managing-deploy-keys/

It's also what GitHub does internally.


If I understand that page correctly, the only real difference is that Github arbitrarily prevents you from using the same deploy key for multiple repositories. If they lifted that restriction, this problem would go away.


Yep, same here. Our build system uses multiple repos (and now you can have as many as you want!)

This is shortsighted on their part, I hope they pay attention.


Semaphore works the same way.


CI machines cause most of their traffic, why should they be free?


Why don't you just add the SSH public keys of your CI machine to your own GitHub account?


I wouldn't want a CI to store a key that has R/W access to all my repos in all my organizations. I'm in at least 5 active organizations that I would be putting at risk


Use shadow repos just for CI and nothing else.


Deploy keys


https://developer.github.com/guides/managing-deploy-keys/




Guidelines | FAQ | Lists | API | Security | Legal | Apply to YC | Contact

Search: