Hacker Newsnew | past | comments | ask | show | jobs | submitlogin

Speaking of... The NuGet registry in GitLab deserves an option to run without authentication from other builds and/or the "public" accessing it. Currently, it does not even handle the build job token and I have to cross connect builds using my personal access token (which then again is accessible to other maintainers of a repo).


GitLab PM here - Agreed that is an important feature and one we have scheduled for milestone 13.1 which will be released in June 2020.

As a workaround, you can add your access token as an environment variable and use that to publish/install packages via CI/CD.

And if you are interested in contributing to GitLab that issue is a great way get started.


The issue for this is at https://gitlab.com/gitlab-org/gitlab/issues/36424


That is what I did. However the secret is then available to all admins. Anyway. Good to know it is scheduled.


We stopped using gitlabs artifact repositories for this exact reason!


We'd love for you to try again. We do support using the job token with our NPM, Maven and Conan repositories. What do you currently use?




Consider applying for YC's Winter 2026 batch! Applications are open till Nov 10

Guidelines | FAQ | Lists | API | Security | Legal | Apply to YC | Contact

Search: