It specifies a HTTP URL which will return username&password which will
be used to authenticate access to the git repo.
This is mainly used for git repo accecpt dynamic password (for example
oauth bare token). Because the dynamic password might expire very soon,
so it's added to the main syncRepo loop.
Typical usage case is work with a sidecar called gce-node-auth on GKE,
it uses the GCE service account's oauth token as password to access
Cloud Source Repo.
Please see the repo below for how it worked.
https://github.com/cydu-cloud/gce-node-auth/blob/master/git-sync-with-gce-node-auth.yaml
* Create a git-sync user to run as, with an entry in /etc/passwd and
writable homedir
* Remove our own validation of key perms - let SSH do that.
* Update docs,
Add an option to specify a git http cookie file in the k8s yaml
that will be configured as the global git cookie file in the git-sync
client.
This is a useful access mechanism for some some hosted repositories
where SSH and passwords are not easily available, such as Google Cloud
Source Repositories.
Marco Micera
Tim Hockin
Chuanying Du
Philippe Dupont
Eugene Chung
Bryce Cronkite-Ratcliff
Hanlin Wang
Pieter Lange
Steve Jernigan
Aman