I'm currently working at a company and need to share some code with an external party. The access needs to be read-only, like how a vendor might deliver code to a client. I'm exploring a few options but none seem perfect: 1. I could add them directly to our repository and adjust permissions, but that would incur extra charges per seat which is a hassle. 2. I could share the code via Google Drive, but I want to be able to update the code later and have them easily grab the latest version, which isn't straightforward with Drive. 3. I'm leaning towards creating a Personal Access Token (PAT) scoped to just that repository, but it feels a bit insecure. Deploy keys are also an option I considered. I would love to hear how others have managed this and what solutions have worked in their professional experience!
3 Answers
A simpler option might be to use CI/CD pipelines to send the latest build artifacts to a storage service like S3. Instead of sharing the repo directly, you can share the links to those build artifacts. It eliminates the need for them to understand GitHub and keeps things tidy. Plus, you can always update the artifacts whenever necessary.
If you're fairly technical, you might consider hosting the repo on a server where you have SSH access. You can create a bare git repo there, give the client access for cloning and pulling updates without them needing to mess with your main repository. It's a pretty secure way to share without needing a license or worrying about them pushing changes to your main codebase. Just make sure you set up your firewall correctly to only allow their IP to access it. Sounds like a good solution to me!
Make sure to check your company’s policies on sharing code. It’s crucial to have access logs and a non-disclosure agreement to protect yourself legally. Depending on your organization, you might consider setting up guest accounts or creating a managed shadow repository. Just ensure that your manager is on board with whatever arrangement you choose.
Related Questions
How To: Running Codex CLI on Windows with Azure OpenAI
Set Wordpress Featured Image Using Javascript
How To Fix PHP Random Being The Same
Why no WebP Support with Wordpress
Replace Wordpress Cron With Linux Cron
Customize Yoast Canonical URL Programmatically