Use HTTPS cloning for Geo
In #1255 (closed), we discuss the difficulties that using SSH for Geo repository sync causes us. We have some idea to improve that, but I wonder if we should bypass it completely and perform the repository sync over HTTPS instead of SSH.
Advantages:
- No need for known_hosts management - use HTTPS CA infrastructure instead
- No need to manage special Geo SSH keys - we'd replace them with an access token of some kind
- Simpler network topology - no need for port 22 access between primary and secondary (probably a non-concern)
Downsides: ???
We already use HTTPS clone for CI, so we know it's usable at scale. Does SSH have some large advantage over HTTPS that I don't know about? In that case, would the runners benefit similarly from using SSH clone?