Path: csiph.com!weretis.net!feeder6.news.weretis.net!feeder8.news.weretis.net!fu-berlin.de!bofh.it!news.nic.it!robomod From: Joost van =?utf-8?Q?Baal-Ili=C4=87?= Newsgroups: linux.debian.maint.python Subject: Re: Salsa: Setup tokens Date: Tue, 19 Mar 2024 13:40:01 +0100 Message-ID: References: X-Original-To: Christian Buhtz X-Mailbox-Line: From debian-python-request@lists.debian.org Tue Mar 19 12:30:18 2024 Old-Return-Path: X-Amavis-Spam-Status: No, score=-7.11 tagged_above=-10000 required=5.3 tests=[BAYES_00=-2, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, DKIM_VALID_EF=-0.1, FOURLA=0.1, LDO_WHITELIST=-5, T_SCC_BODY_TEXT_LINE=-0.01] autolearn=ham autolearn_force=no X-Policyd-Weight: using cached result; rate: -5.5 Authentication-Results: eibe.uvt.nl; dmarc=pass (p=reject dis=none) header.from=uvt.nl Authentication-Results: eibe.uvt.nl; dkim=pass (2048-bit key; secure) header.d=uvt.nl header.i=@uvt.nl header.b="2T3JHMTD"; dkim-atps=neutral Authentication-Results: elekes.uvt.nl; none MIME-Version: 1.0 Content-Type: text/plain; charset=us-ascii Content-Disposition: inline X-URL: http://mdcc.cx/ X-Accept-Language: nl, en User-Agent: Mutt/2.0.5 (2021-01-21) X-Rspamd-Queue-ID: 35E1F9B X-Rspamd-Action: no action X-Rspamd-Server: engset Authentication-Results: eibe.uvt.nl; spf=pass smtp.mailfrom=joostvb+debian-python@uvt.nl X-Mailing-List: archive/latest/21629 List-ID: List-URL: List-Archive: https://lists.debian.org/msgid-search/ZfmFQy9lyaNArzn1@banach.uvt.nl Approved: robomod@news.nic.it Lines: 54 Organization: linux.* mail to news gateway Sender: robomod@news.nic.it X-Original-Cc: Debian python X-Original-Date: Tue, 19 Mar 2024 13:29:55 +0100 X-Original-Message-ID: X-Original-References: <039c06a78ebf2e00c9b104de38d0e962@posteo.de> Xref: csiph.com linux.debian.maint.python:15624 Hi Christian, Thanks for working on the documentation! Op Tue, Mar 19, 2024 at 10:54:43AM +0000 schreef c.buhtz@posteo.jp: > Hello, > > this is not a regular support message. I was not able to find clear > information in the wiki or somewhere else. Please point me to it if exist. > My intention is to improve the related wiki pages about it. > > The command "salsa create_repo" do not work because of a missing > SALSA_TOKEN. Technically it is clear to me why this happens. My question is > how am I supposed to handle that in the context of DPT and its policy. > > The error message: > > salsa warn: SALSA_TOKEN not set in configuration files. Some commands > may fail > salsa warn: Project not created: Error POSTing > https://salsa.debian.org/api/v4/projects (HTTP 401): Unauthorized > {"message":"401 Unauthorized"} at > /usr/share/perl5/Devscripts/Salsa/create_repo.pm line 36. > > OK, I logged into Salsa and navigated to "User Settings" -> "Access Tokens". > I assume I have to create a "Personal Access Tokens" instead of a "Feed > Token" or "Incoming mail token"? > > Are there any suggestions or recommendations from DPT about the "Expiration > date"? > > What is about "select scopes"? I see 10 unchecked items. They are described > but it is not totally clear for new users what they are about or what the > implications are. Any recommendations from DPT about that? Just select all? > > A more broad question: I never used tokens before. I do use SSH keys when > accessing Codeberg, GitHub or something else. Are this tokens a replacement > for SSH keys? Should I prefer one of this two methods? I can answer some of your questions, but not all of them. What I usually do: Get a personal access token "somesecret" from the salsa web interface. Then: $ touch ~/.salsa-token $ chmod og-r ~/.salsa-token $ echo somesecret > ~/.salsa-token $ SALSA_TOKEN=`cat ~/.salsa-token` For some actions, the salsa(1) tool (and/or gitlab on salsa.d.o) seems to need such a token. An SSH key is not always enough. HTH, Bye, Joost