Git Repositories
In CodeCanvas, Git repositories live inside namespaces. There can be a number of repositories contained within a single namespace.
CodeCanvas doesn't host repositories itself, but lets you connect your existing repositories hosted elsewhere: GitHub, GitLab, Bitbucket, or any other Git hosting service.
Only namespace administrators can connect repositories to a namespace.
How CodeCanvas works with Git repositories
CodeCanvas doesn't host repositories itself. Instead, it directly interacts with your Git hosting service to clone the repository to user dev environments.
To make a repository available in dev environments, a namespace administrator must configure the repository connection in CodeCanvas. This includes providing authentication settings, for example, providing an SSH key. When providing the key, the namespace administrator must use a secure mechanism like deploy keys in GitHub (or similar mechanisms in other Git hosting services, e.g., Gitlab deploy keys, Bitbucket access keys). Using personal SSH keys for this purpose is not secure and is not recommended.
CodeCanvas uses these authentication settings (e.g., a public deploy key) only to clone the Git repository to warm-up dev environments and user dev environments. Users don't have access to these settings in their dev environments.
When a user tries to pull from or push to the repository for the first time, they will be asked to authenticate in the repository. This means that the users must have access to the repository on the Git server. Learn more
Here is a short summary on what SSH keys are used for:
SSH keys | Created by | Used for | Stored in | Access |
---|---|---|---|---|
Deploy Key | Namespace administrator | Cloning the Git repository to warm-up and user dev environments | Public key on the Git server, private key securely stored in CodeCanvas | Only namespace administrators can access the key; No access from dev environments |
User SSH Key | Dev environment user | Individual actions to pull from or push to the repository during sessions | Public key stored on the Git server, private key remains on the user's local machine | Accessed by the user; No access from CodeCanvas |
Connect a remote Git repository
Find the namespace in which you want to create a repository.
In the sidebar namespace menu, select Repositories.
On the repository page, click Connect repository.
Specify the following:
Name
Give your repository a distinctive name and optional description. The name may not necessarily match your remote source repository name.
Remote repository URL
Specify the URL of the target remote repository. Note that the URL is different depending on the access type: HTTPS or SSH. For example,
git@my-git-hosting:user/repo.git
orhttps://my-git-hosting/user/repo.git
.Repository web URL
(Optional) Specify the URL of a related web page, for example, this can be the project's web page or the project's
README
. If specified, CodeCanvas will display a link to the remote repository in the repository list.Authentication
Anonymous – the remote repository is publicly available and requires no access credentials.
SSH – the remote repository is accessible via SSH. You need to have an SSH key pair (private and public) generated and stored on your local machine in the
.ssh\
subdirectory. Provide the Private SSH key to CodeCanvas by uploading it to the corresponding field and enter the Passphrase if your key is protected with one. Note that the public key must be registered in the remote repository.Password – the remote repository is accessible via HTTPS. Provide your Username and Password (this can be a plain text password or a personal access token).
(Advanced) Read restrictions
In CodeCanvas, access to a dev environment is defined by the Access setting of a dev environment template. If a user is in the Access list, they can create a dev environment from the template and view the repository contents. This is true even if the user doesn't have access to the repository on the Git server (as CodeCanvas uses its own authentication to clone the repository).
The Read restrictions setting lets you prevent such unauthorized access by specifying users who're allowed to read the repository contents. The users out of this list won't be able to create a dev environment even if they have access to the corresponding dev environment template.
Only selected users – explicitly specify users who will have read access to the repository via their dev environments.
All users – all CodeCanvas users will have read access to the repository via their dev environments.
Click Create.