Git Repositories

In CodeCanvas, Git repositories live inside namespaces. There can be a number of repositories contained within a single namespace.

CodeCanvas doesn't host repositories itself but lets you connect your existing repositories hosted elsewhere: GitHub, GitLab, Bitbucket, or any other Git hosting service.

Only namespace administrators can connect repositories to a namespace.

How CodeCanvas works with Git repositories

CodeCanvas doesn't host repositories itself. Instead, it directly interacts with your Git hosting service to clone the repository to user dev environments.
To make a repository available in dev environments, a namespace administrator must configure the repository connection in CodeCanvas. This includes providing authentication settings, for example, providing an SSH key. When providing the key, the namespace administrator must use a secure mechanism like deploy keys in GitHub (or similar mechanisms in other Git hosting services, e.g., Gitlab deploy keys or Bitbucket access keys). Using personal SSH keys for this purpose is not secure and is not recommended.
CodeCanvas uses these authentication settings (e.g., a public deploy key) only to clone the Git repository to warm-up and user dev environments. Users don't have access to these settings in their dev environments.
When a user tries to pull from or push to the repository for the first time, they will be asked to authenticate in the repository. This means that the users must have access to the repository on the Git server. Learn more

Here is a short summary on what SSH keys are used for:

SSH keys	Created by	Used for	Stored in	Access
Deploy Key	Namespace administrator	Cloning the Git repository to warm-up and user dev environments	Public key on the Git server, private key securely stored in CodeCanvas	Only namespace administrators can access the key; No access from dev environments
User SSH Key	Dev environment user	Individual actions to pull from or push to the repository during sessions	Public key stored on the Git server, private key remains on the user's local machine	Accessed by the user; No access from CodeCanvas

Connect a remote Git repository

Find the namespace in which you want to create a repository.
In the sidebar namespace menu, select Repositories.
On the repository page, click Connect repository.
Specify the following:
- Name
  Give your repository a distinctive name and optional description. The name may not necessarily match your remote source repository name.
- Remote repository URL
  Specify the URL of the target remote repository. Note that the URL is different depending on the access type: HTTPS or SSH. For example, git@my-git-hosting:user/repo.git or https://my-git-hosting/user/repo.git.
- Repository web URL
  (Optional) Specify the URL of a related web page, for example, this can be the project's web page or the project's README. If specified, CodeCanvas will display a link to the remote repository in the repository list.
- Authentication
  - Anonymous – the remote repository is publicly available and requires no access credentials.
  - SSH – the remote repository is accessible via SSH. You need to have an SSH key pair (private and public) generated and stored on your local machine in the .ssh\ subdirectory. Provide the Private SSH key to CodeCanvas by uploading it to the corresponding field and enter the Passphrase if your key is protected by one. Note that the public key must be registered in the remote repository.
    If you turn on the Auto-generate SSH keys option, CodeCanvas will generate a new SSH key pair for you. The private key will be uploaded to CodeCanvas automatically, and the public key will be displayed so you can register it in the remote repository.
  - Password – the remote repository is accessible via HTTPS. Provide your Username and Password (this can be a plain text password or a personal access token).
  Important!
  - CodeCanvas will use the provided SSH key or password only to clone the project repository to user dev environments and during warm-up. Users will be asked to authenticate in the repository when they try to pull from or push to the repository for the first time.
- (Advanced) Read restrictions
  In CodeCanvas, access to a dev environment is defined by the Access setting of a dev environment template. If a user is in the Access list, they can create a dev environment from the template and view the repository contents. This is true even if the user doesn't have access to the repository on the Git server (as CodeCanvas uses its own authentication to clone the repository).
  The Read restrictions setting lets you prevent such unauthorized access by specifying users who're allowed to read the repository contents. The users out of this list won't be able to create a dev environment even if they have access to the corresponding dev environment template.
  - Only selected users – explicitly specify users who will have read access to the repository via their dev environments.
    Important!
    We strongly recommend that you synchronize this list with the list of allowed users on the Git server. Currently, you can create such synchronization using the CodeCanvas API.
  - All users – all CodeCanvas users will have read access to the repository via their dev environments.
Click Create.

Last modified: 08 November 2024