Hide SSH repository mirroring
What does this MR do?
Removes reference to ssh://
URLs from the repository mirror settings page
Are there points in the code the reviewer needs to double check?
-
Is the screenshot now used in the documentation an appropriate resolution? -
Do the remaining screenshots need re-doing to match?
Repository mirroring is also referenced from the 'Import project by URL' functionality, where much of the text of _instructions.html.haml
is duplicated in a separate partial. It doesn't mention ssh://
, though.
Why was this MR needed?
Mirroring repositories over SSH needs more work before it's generally useful.
Currently, these URLs are interpreted with the implicit context of the SSH client configuration for the GitLab installation's git
user, particularly known_hosts
and any SSH private keys it has access to. Unless the user manually alters these details - especially known_hosts
- then ssh://
URLs just don't work.
We don't wish to support and document manual SSH configuration management, and the naive approach (a single id_rsa
file used when mirroring all repositories) is insecure - especially for GitLab.com or similar deployments.
Future MRs will re-add documentation for ssh://
URLs for both password and public-key authentication once known_hosts
and unique SSH keys for repository mirroring are handled automatically.
Disabling support for ssh://
URLs entirely would break existing customer setups.
What are the relevant issue numbers?
#98 (closed) #621