Repo Cloning
Git cloning
Just use the HTTPS URI
i.e with those sample repositories:
https://github.com/codefresh-contrib/ruby-on-rails-sample-app.git
https://gitlab.com/gitlab-examples/knative-ruby-app.git
https://opensource.ncsa.illinois.edu/bitbucket/scm/bd/bdcli.git
Sample vulnerable snippets for many languages:
https://github.com/marcinguy/sast-sample-code
SSH should also work:
Sample:
ssh://git@gitlab.com:gitlab-examples/knative-ruby-app.git
Should work with GitHub, GitLab, BitBucket or any Git Server with SSH support. You might need to add the Public Key in your Git Server Account (see below), even for Public SSH cloning.
If you need to clone using Private key (since you cannot add Public key to Account due to policies), you can add Private SSH key per Repository (Update it under Settings->Git Settings)
After changing the Key, press Update and the Reset the Project (will be rescanned)
Another approach is using Public Key generated for each repo.
Below approach generated Private key on the Platform and asks to enter public key for the user account on the Git server.
This should work with any Git Server.
Fig. 1
This is a little bit UX-wise not user-friendly. You have to add a project via ssh://... (i.e ssh://git@github.com/org/private.git) It will fail.
Fig. 2
Fig. 3
Check the public SSH key (under Project Settings - Fig. 4).
Get the Public Key from the Project (like below)
Fig. 4
add it to Git Server (GitHub, GitLab - see links below, any Git Server) and then click on "Check for commits" (Fig. 5) or Reset project button (Fig. 6)
Fig. 5
Fig. 6
GitLab https://docs.gitlab.com/ee/ssh/#add-an-ssh-key-to-your-gitlab-account
BitBucket https://support.atlassian.com/bitbucket-cloud/docs/set-up-an-ssh-key/
Each project has a unique private/public key
You can control which Project can be cloned from your Account by adding the Public Key to your account.