I have an R Shiny app that contains some sensitive information that I would not like to be made public, and do not want to pay for any services in order to get password authentication.
My question is if I create a private repository on GitHub with the server.R, ui.R and all supporting data and files, will anyone be able to run it with the runGitHub command (below) or in any way access my data?
library(shiny)
runGitHub("<private repository name>", "<my user name>")
if I create a private repository on GitHub with the server.R, ui.R and all supporting data and files, will anyone be able to run it with the runGitHub command ... or in any way access my data?
If the repository is private only people who have been granted access should be able to access it. This is true through the GitHub website as well as via direct Git access, which is almost certainly what runGitHub() does.
do not want to pay for any services in order to get password authentication
In general, private repositories on GitHub aren't free. Currently the cheapest plan that includes private repos is the Micro plan at $7 per month.
There are other Git hosting providers that do provide free private repositories. BitBucket and GitLab both come to mind.
It may be possible for you to get free private hosting on GitHub, e.g. if you are a student.
I have an R Shiny app that contains some sensitive information that I would not like to be made public
Finally, depending on the nature of the "sensitive information" you are trying to protect, there may be better options. It is fairly common to provide things like API keys and passwords as environment variables (especially when using PaaS providers like Heroku), or to commit "template" files like config.template.ini.
Related
I am trying to install an R package from a GitHub account I currently own and operate. I want to be able to share this R package with other users (i.e. allow them to download) but I want to constrain it to people I approve of.
I could do this by creating a Personal Access Token (PAT) and sharing (remotes::install_github(..., auth_token = "PAT")), but then they would get access to all of my repos on my account which is not an option.
Other options I have seen suggested include;
Creating a new GitHub account just for this R package and creating the PAT on this account to enable sharing of just the one repo
Making public instead of private
Neither of these feels optimal, is there another way?
You could add others as collaborators on your private repo, then they could use their own PAT to access the repo. It's not great idea to share PAT so this way each party is responsible for their own. That will also allow you to easily remove individuals without affecting access for everyone.
I know this is an old question, but I wanted to answer for anyone that finds this thread like I did. The other alternative is to set up a private SSH key (like you would use for git push) and then use remotes::install_git("git#github.com:Organiztation/repository.git",branch = ...). install_git uses the git credentials and supports SSH. install_github uses the GitHub API and does not support SSH.
I have problem with node-red.
I have a server and i have node-red running on it, i know how to create user authentification by editing setting.js file but what i want to do is that i want to be able to create other users from a webpage that is running on the same server.
I can run a python script that edit the setting.js file and i can edit it mannualy,
but i want to be able to create and remove users from the webpage that is running on the same server.
i am using ubuntu and ngninx on my server.
The Node-RED security documentation includes a section on adding custom user authentication here. It explains how you can replace the hard coded user information with a module that will authenticate a given user. Editing the settings.js is probably not the right approach, especially as it will require you to restart Node-RED after each change.
With this approach you can build your own back end to store and manage users. There are a couple of examples of such code available, including this one that I have written that uses MongoDB to hold the user information. The management app that creates users can be found here, but you can write your own in Python if you want.
Just as a reminder, Node-RED is not a true multi-user environment, even if you declare a number of users, they will all only have shared access to one instance and set of flows. If you want a truly multi-tenant (each user has their own instance and flows) deployment you should probably look at the entire series of posts in that collection that explains how to build such a system. You can start here.
I have an open-source project that uses two separate Firebase projects for a test environment and the production one.
Ultimately, I want to have other developers be able to pull down the project and actually be able to run it WITHOUT me needing to give each individual developer access.
I see a number of solutions in this question: How to add collaborators to a Firebase app?. Those all seem to require each person's email.
I understand why it maybe isn't a thing, but I am wondering if there is a way to just give access to everyone for only the test project so that contributing is super low-friction. Something similar to Firestore database rules that allow read/write in a public fashion to get started for testing.
I've tried making a new IAM account in the Google Cloud Console, and I think that partially worked for the Firebase Cloud Functions access to Admin SDK, but my collaborators get hung up trying to run firebase use <test-firebase-project> saying that they don't have access.
I see a lot of other config options for IAM, but nothing sticking out to me for this public access scenario.
Can anyone confirm this either is or isn't a thing?
Thanks!
EDIT
To add some more detail to my project...
I am using Authentication, Firestore, and Cloud Functions. The only js package I will use is the Auth one, which will be loaded from a CDN (so I believe that doesn't apply to my question).
I want to give access to people to run the Cloud Functions locally. There is a pre-build step that I have made in vanilla Node that calls a Cloud Function (running locally), which uses the Firebase Admin SDK to call my Firestore database. I then write that response to a JSON file that my front end uses.
When my collaborators pull down the project, and install the Firebase CLI, when they try to serve the Cloud Functions locally, they get hit with a "no access" type of error. I was trying to resolve this by adding a service account into the /functions directory, but apparently that didn't help.
My collaborators don't need access to the console at all. I basically just need them to be able to run the Cloud Function locally (and make sure they can't access my production Firebase project).
I am happy to add more detail, but I kind of feel like I am just rambling. Thanks again.
There is no way to grant everyone contributor access to your Firebase console. You will either have add each individual user, or create your own dashboard that uses the API to show the relevant data.
I have a repo that is currently private. My Firebase deployment token is stored as an Env Var in the CircleCI GUI. The CircleCI 2.0 documentation clearly states
Do not add keys or secrets to a public CircleCI project
Also, from what I can find in the FAQ, a CircleCI project is made public if the associated GitHub repo is made public.
Now, I intend to open source the project on GitHub, will it make the Env Var in CircleCI visible to anyone since the CircleCI project will become public?
If the Env Var is publicly visible, what is an advised way to keep my deployment token hidden from others? Do I have to resort to a solution like GCP KMS?
A CircleCI Employee clarified this for me on their forums.
That warning is meant for the config[.yml]. You can use UI-based CircleCI environment variables safely.
If the repo/project is public, you'll just want to make sure that:
envars in forked builds are turned off in settings
you don't echo/print those variables to build output at all since that might be visible to the public
So it is possible to have a public repo (and thus public CircleCI project) with deployment keys safely configured in the CircleCI GUI.
It sounds like you're using CircleCI for your repo, but the open-source version of your project won't require deployment tools like Firebase. If that's right, then you should keep the Firebase deployment token wherever it's convenient and secure for you.
It also sounds like maybe you're just keeping the deployment token directly in your repo right now, since that's private. If you only have a handful of secrets in your repo, something like git-crypt might meet your needs. Once you hit a larger volume, you're probably going to want something centralized, and using Cloud KMS to encrypt secrets is one option.
I am about to embark on the development of a line of business application using the Universal Windows Platform (Windows 10). One of the requirements of the application is the synchronisation of data from a server to a local SQLite database; this is required because the application needs to be usable where there is no network connectivity.
It is likely that multiple (windows domain) users will be accessing the application on the same device, sometimes simply by "swapping users", other times by logging off the first user and logging on as a new user.
I realise that UWP applications are installed at a user level, however I would like to be able to share the SQLite database between these users instead of forcing each user to download their own copy of the data.
Is this possible? I am struggling to find any reference to this kind of sharing within the Microsoft documentation - but of course that documentation is new and far from complete!
I guess at the end of the day I am looking for access to a folder that is accessible by any user running that application on the same device, such as the "x:\Users\Public" folders that are available from the desktop, but without having to ask the user to provide access to that folder via any picker control - instead simply being able to "open" it.
Thanks.
In case anyone runs across this, this functionality is now available as described in this blog post:
We introduced a new storage location Windows 10, ApplicationData.SharedLocalFolder, that allows multiple users of one app to share local data. Obviously this feature is only interesting with devices that will be used by more than one person. For such scenarios, for example in educational uses, it may make sense to place any large downloads in Shared Local. The benefits will be two-fold: any user can access these files without the need to re-download them, also there will be storage space savings
Keep in mind that Shared Local is only available if the machine has the right group policy, otherwise when you call ApplicationData.Current.SharedLocalFolder you will get back a null result.
In order to enable Shared Local the machine administrator should enable the corresponding policy.
Alternatively, the administrator could create a REG_DWORD value called AllowSharedLocalAppData with a value of 1 under HKLM\SOFTWARE\Policies\Microsoft\Windows\CurrentVersion\AppModel\StateManager
Note that data store in ShareLocal will only be persisted as long as the app is installed on the device and won’t be backed up by the system.
In Solution Explorer , Right click on Package.appxmanifest then click on ViewCode , end of this file in both projects add below code :
<Extensions>
<Extension Category="windows.publisherCacheFolders">
<PublisherCacheFolders>
<Folder Name="FolderName" />
</PublisherCacheFolders>
</Extension>
</Extensions>
After that in code you can access this folder with below line of code :
StorageFolder sharedDownloadsFolder = ApplicationData.Current.GetPublisherCacheFolder("FolderName");
It`s so important that the folder you will share between two these Apps depend on same publisher info at Certificate File [ProjectName]_TemporaryKey.pfx , if this Certificate File and publisher Info of app is same in both Projects , then you can access the same SharedFolder in both application and use it for create or use dataBase file(like SQLite Database file) or other files that need to be share in both applications.