[build2] Using ssh-git

[Boris Kolpackov]

Bo Lorentsen <bl at lue.dk> writes:

> $ bpkg -v rep-info ssh://git-codecommit.eu-central-1.amazonaws.com/v1/repos/phoenix
>
> $ bpkg -v rep-info https://git-codecommit.eu-central-1.amazonaws.com/v1/repos/phoenix
>
> My focus will have to be using https as git schema and then find a way to
> handle credentials in a sane way.
> 
> I normally use git credential store, and this needs to be set for each new
> cloning, in the local repo. And as I understand it, bpkg will make a clone
> (smart if possible), but by doing that it (git) also will prompt for
> credentials, on every clone attempt (for aws https at least).

I would like to better understand in what situations you would want
authorized access to a repository and if we need better support for
this.

Just to make sure we are on the same page, the above commands query
a git repository as a version control-based package repository. In
other words, with bpkg the use of a repository is always read-only.
In particular, you would not be using this type of access as a way
to develop the packages (i.e., commit changes) in this repository
(for that you would normally clone the repository yourself and then
use bdep instead of bpkg).

So normally with bpkg a version control-based package repository
is accessed via a public, read-only URL that does not require
authorization. But I guess if you want to keep your repository
private (e.g,. because it is internal to your company), then you
would need authorization. Is that your use-case? If so, which
access (ssh or https) is preferable? We probably can add support
for the ssh:// scheme fairly easily.


> Thanks, I am really looking forward to using b2 packages and build, I like
> the flexibility there is in the design, but unfortunately I also gets
> confused by the level of complexity :-)

Yes, the flexibility/complexity tradeoff is the curse of C++ which
unfortunately also extends to its tooling.