Authenticate in Packages
Private and public repositories
Repositories in Space Packages are project-wide entities. There are two types of repositories:
Private | Only authenticated users can access private repositories. The access is managed by the Package Repositories permissions group. By default:
|
Public | All unauthenticated users have Read permission to public repositories. |
To change repository access permissions
Open Project Settings → Access.
In the list of roles on the left, choose the role for which you want to change access permissions.
Set required permissions in the Package Repositories group.
To change the repository access type
Open repository settings.
In Access to repository, specify the required repository type: Private or Public.
Authentication
Packages support a number of authentication ways:
Authentication | Use case |
---|---|
(Not recommended) Using your Space username and password | Accessing a repository with a tool like docker , mvn , dotnet , and so on. |
Using your Space username and personal token | Accessing a repository with a tool like docker , mvn , dotnet , and so on. |
Using a service account | Accessing a repository from an external service, for example, a CI/CD server. |
No authentication (only public repositories) | Accessing publicly available repositories. |
To authenticate with your Space user account
When asked for credentials, specify your Space username and password. We strongly recommend that you use a permanent token instead of a password:
To create a token, go to My Profile → Personal Tokens and choose New personal token.
When creating the token, provide it as minimum permissions as possible:
In Token permissions, select Limited access.
With Select permissions, add ReadRepository and WriteRepository for giving Read and Write access correspondingly.
When a tool or an application asks you for the password, you should specify this token instead.
To authenticate a tool or a service
On the navigation bar, click
Administration and choose Applications.
Click New Application.
In the New Application window:
in Type, choose Service Account.
in Name, specify an account name.
Click Edit requested rights and provide the account as minimum permissions as possible. To work with Packages, only permissions from the Package repositories group are required.
After the account is created, the account page will be shown. Using the left menu, switch to Authorizations.
Click Add project and select projects. The service account will get acceess only to the repositories of the selected projects.
Switch back to the service account overview by clicking the account name in the left menu. Note the Client ID and Client secret fields: you should use these two parameters as credentials for accessing project Packages on behalf of this account.