Skip to content

Project : Add the ability to create specific read only access accounts

Description

I'm currently facing a problem on a project when :

  • I need to access build artifact
  • I need to connect to the private docker registry

Indeed, these two actions need valid credentials to be made. For the moment these credentials are user ones and I think it's not always to best way to do that. I'm a freelance developer and I don't want to create an access token specific for my client, it'll be better if my client own all the project specific credentials.

Proposal

I think it can be powerful to be able to create read only access on a specific project. For me it's like application password, it'll allow to access artifacts or docker images without relying on an existing user. Because it's related to a project, it'll be easier (because centralized) to create / remove / revoke access. Also adding permissions control can be even better (API, Registry...) because it'll make it easier to define specific access.

So creating a "kind of" virtual user which represent a project and can be authorized to make API calls or others protected actions using application password can be a very nice addition to your tool... It's a step forward in the continuous deployment direction !

Hope this'll help 😄.